├── .coveragerc ├── .gitignore ├── .travis.yml ├── LICENSE ├── MANIFEST.in ├── README.md ├── cosmic_ray_config.yaml ├── docs ├── Makefile ├── conf.py ├── index.rst ├── readme.rst └── source │ ├── modules.rst │ ├── nephos.composer.rst │ ├── nephos.fabric.rst │ ├── nephos.helpers.rst │ └── nephos.rst ├── examples ├── ca-nephos-local.crt ├── ca-nephos-local.key ├── ca-nephos-local.pem ├── certManagerCI_production.yaml ├── certManagerCI_staging.yaml ├── dev │ ├── config │ │ ├── configtx.yaml │ │ ├── crypto-config.yaml │ │ └── fabric-ca-client-config.yaml │ ├── crypto │ │ └── crypto-config │ │ │ ├── ordererOrganizations │ │ │ └── orderers.svc.cluster.local │ │ │ │ ├── ca │ │ │ │ ├── b7920824afa4f50db95e2354581ab7461841a53bf64c0386064369f09ba59a4f_sk │ │ │ │ └── ca.orderers.svc.cluster.local-cert.pem │ │ │ │ ├── msp │ │ │ │ ├── admincerts │ │ │ │ │ └── Admin@orderers.svc.cluster.local-cert.pem │ │ │ │ ├── cacerts │ │ │ │ │ └── ca.orderers.svc.cluster.local-cert.pem │ │ │ │ └── tlscacerts │ │ │ │ │ └── tlsca.orderers.svc.cluster.local-cert.pem │ │ │ │ ├── orderers │ │ │ │ └── ord1-hlf-ord.orderers.svc.cluster.local │ │ │ │ │ ├── msp │ │ │ │ │ ├── admincerts │ │ │ │ │ │ └── Admin@orderers.svc.cluster.local-cert.pem │ │ │ │ │ ├── cacerts │ │ │ │ │ │ └── ca.orderers.svc.cluster.local-cert.pem │ │ │ │ │ ├── keystore │ │ │ │ │ │ └── d5d80631395671460ab46531aa7e62c0cf87869b272a8f474d1be0ecf4989290_sk │ │ │ │ │ ├── signcerts │ │ │ │ │ │ └── ord1-hlf-ord.orderers.svc.cluster.local-cert.pem │ │ │ │ │ └── tlscacerts │ │ │ │ │ │ └── tlsca.orderers.svc.cluster.local-cert.pem │ │ │ │ │ └── tls │ │ │ │ │ ├── ca.crt │ │ │ │ │ ├── server.crt │ │ │ │ │ └── server.key │ │ │ │ ├── tlsca │ │ │ │ ├── 4166da17f6712756896e61dba499814e5f40cef704201df5628d8ef0a8e9d2f6_sk │ │ │ │ └── tlsca.orderers.svc.cluster.local-cert.pem │ │ │ │ └── users │ │ │ │ └── Admin@orderers.svc.cluster.local │ │ │ │ ├── msp │ │ │ │ ├── admincerts │ │ │ │ │ └── Admin@orderers.svc.cluster.local-cert.pem │ │ │ │ ├── cacerts │ │ │ │ │ └── ca.orderers.svc.cluster.local-cert.pem │ │ │ │ ├── keystore │ │ │ │ │ └── 003e189a7fc4c454f1b6dab08c2f313c98d13b40388b04acd348b8aba5a2cc35_sk │ │ │ │ ├── signcerts │ │ │ │ │ └── Admin@orderers.svc.cluster.local-cert.pem │ │ │ │ └── tlscacerts │ │ │ │ │ └── tlsca.orderers.svc.cluster.local-cert.pem │ │ │ │ └── tls │ │ │ │ ├── ca.crt │ │ │ │ ├── client.crt │ │ │ │ └── client.key │ │ │ └── peerOrganizations │ │ │ └── peers.svc.cluster.local │ │ │ ├── ca │ │ │ ├── 512fad948caabae208f8005155af9782b8945ef3fef219ada5c9d08b1923f399_sk │ │ │ └── ca.peers.svc.cluster.local-cert.pem │ │ │ ├── msp │ │ │ ├── admincerts │ │ │ │ └── Admin@peers.svc.cluster.local-cert.pem │ │ │ ├── cacerts │ │ │ │ └── ca.peers.svc.cluster.local-cert.pem │ │ │ └── tlscacerts │ │ │ │ └── tlsca.peers.svc.cluster.local-cert.pem │ │ │ ├── peers │ │ │ └── peer1-hlf-peer.peers.svc.cluster.local │ │ │ │ ├── msp │ │ │ │ ├── admincerts │ │ │ │ │ └── Admin@peers.svc.cluster.local-cert.pem │ │ │ │ ├── cacerts │ │ │ │ │ └── ca.peers.svc.cluster.local-cert.pem │ │ │ │ ├── keystore │ │ │ │ │ └── b2336f4865c5f471a3118444e3a8acaba9bab443f05304f499e34da9329f41c0_sk │ │ │ │ ├── signcerts │ │ │ │ │ └── peer1-hlf-peer.peers.svc.cluster.local-cert.pem │ │ │ │ └── tlscacerts │ │ │ │ │ └── tlsca.peers.svc.cluster.local-cert.pem │ │ │ │ └── tls │ │ │ │ ├── ca.crt │ │ │ │ ├── server.crt │ │ │ │ └── server.key │ │ │ ├── tlsca │ │ │ ├── 23710b53fa21c30ae92c70f8189be90d90ec88d7a33e90b19499c6a3654dc0af_sk │ │ │ └── tlsca.peers.svc.cluster.local-cert.pem │ │ │ └── users │ │ │ └── Admin@peers.svc.cluster.local │ │ │ ├── msp │ │ │ ├── admincerts │ │ │ │ └── Admin@peers.svc.cluster.local-cert.pem │ │ │ ├── cacerts │ │ │ │ └── ca.peers.svc.cluster.local-cert.pem │ │ │ ├── keystore │ │ │ │ └── 79cee3f6d889ee90fcaf92115a4b22f1b606c8e2339c594e21693ae916a53dd4_sk │ │ │ ├── signcerts │ │ │ │ └── Admin@peers.svc.cluster.local-cert.pem │ │ │ └── tlscacerts │ │ │ │ └── tlsca.peers.svc.cluster.local-cert.pem │ │ │ └── tls │ │ │ ├── ca.crt │ │ │ ├── client.crt │ │ │ └── client.key │ ├── helm_values │ │ ├── hlf-couchdb │ │ │ └── cdb-peer1.yaml │ │ ├── hlf-ord │ │ │ └── ord1.yaml │ │ └── hlf-peer │ │ │ └── peer1.yaml │ └── nephos_config.yaml ├── prod │ ├── config │ │ └── configtx.yaml │ ├── helm_values │ │ ├── hl-composer │ │ │ └── hlc.yaml │ │ ├── hlf-ca │ │ │ └── ca.yaml │ │ ├── hlf-couchdb │ │ │ ├── cdb-peer1.yaml │ │ │ └── cdb-peer2.yaml │ │ ├── hlf-ord │ │ │ ├── ord1.yaml │ │ │ └── ord2.yaml │ │ ├── hlf-peer │ │ │ ├── peer1.yaml │ │ │ └── peer2.yaml │ │ ├── kafka │ │ │ └── kafka-hlf.yaml │ │ └── postgres-ca │ │ │ └── ca-pg.yaml │ └── nephos_config.yaml └── qa │ ├── config │ └── configtx.yaml │ ├── helm_values │ ├── hl-composer │ │ └── hlc.yaml │ ├── hlf-ca │ │ └── ca.yaml │ ├── hlf-couchdb │ │ └── cdb-peer1.yaml │ ├── hlf-ord │ │ └── ord1.yaml │ ├── hlf-peer │ │ └── peer1.yaml │ └── postgres-ca │ │ └── ca-pg.yaml │ └── nephos_config.yaml ├── integration ├── test_dev.py └── test_qa.py ├── nephos ├── __init__.py ├── composer │ ├── __init__.py │ ├── connection_template.py │ ├── install.py │ └── upgrade.py ├── deploy.py ├── extras │ ├── Lets_Encrypt_Authority_X3.pem │ └── helm-rbac.yaml ├── fabric │ ├── __init__.py │ ├── ca.py │ ├── crypto.py │ ├── ord.py │ ├── peer.py │ ├── settings.py │ └── utils.py ├── helpers │ ├── __init__.py │ ├── helm.py │ ├── k8s.py │ └── misc.py └── runners.py ├── requirements.txt ├── setup.py ├── sonar-project.properties ├── tests ├── composer │ ├── test_connection_template.py │ ├── test_install.py │ └── test_upgrade.py ├── fabric │ ├── test_ca.py │ ├── test_crypto.py │ ├── test_ord.py │ ├── test_peer.py │ ├── test_settings.py │ └── test_utils.py ├── helpers │ ├── test_helm.py │ ├── test_k8s.py │ └── test_misc.py ├── test_deploy.py └── test_runners.py └── travis_success.sh /.coveragerc: -------------------------------------------------------------------------------- 1 | [run] 2 | omit = ./setup.py,venv/*,tests/*,integration/* 3 | 4 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | # Byte-compiled / optimized / DLL files 2 | __pycache__/ 3 | *.py[cod] 4 | *$py.class 5 | 6 | # C extensions 7 | *.so 8 | 9 | # Distribution / packaging 10 | .Python 11 | build/ 12 | develop-eggs/ 13 | dist/ 14 | downloads/ 15 | eggs/ 16 | .eggs/ 17 | lib/ 18 | lib64/ 19 | parts/ 20 | sdist/ 21 | var/ 22 | wheels/ 23 | *.egg-info/ 24 | .installed.cfg 25 | *.egg 26 | MANIFEST 27 | 28 | # PyInstaller 29 | # Usually these files are written by a python script from a template 30 | # before PyInstaller builds the exe, so as to inject date/other infos into it. 31 | *.manifest 32 | *.spec 33 | 34 | # Installer logs 35 | pip-log.txt 36 | pip-delete-this-directory.txt 37 | 38 | # Unit test / coverage reports 39 | htmlcov/ 40 | .tox/ 41 | .coverage 42 | .coverage.* 43 | .cache 44 | nosetests.xml 45 | coverage.xml 46 | *.cover 47 | .hypothesis/ 48 | .pytest_cache/ 49 | 50 | # Translations 51 | *.mo 52 | *.pot 53 | 54 | # Django stuff: 55 | *.log 56 | local_settings.py 57 | db.sqlite3 58 | 59 | # Flask stuff: 60 | instance/ 61 | .webassets-cache 62 | 63 | # Scrapy stuff: 64 | .scrapy 65 | 66 | # Sphinx documentation 67 | docs/_build/ 68 | 69 | # PyBuilder 70 | target/ 71 | 72 | # Jupyter Notebook 73 | .ipynb_checkpoints 74 | 75 | # pyenv 76 | .python-version 77 | 78 | # celery beat schedule file 79 | celerybeat-schedule 80 | 81 | # SageMath parsed files 82 | *.sage.py 83 | 84 | # Environments 85 | .env 86 | .venv 87 | env/ 88 | venv/ 89 | ENV/ 90 | env.bak/ 91 | venv.bak/ 92 | 93 | # Spyder project settings 94 | .spyderproject 95 | .spyproject 96 | 97 | # Rope project settings 98 | .ropeproject 99 | 100 | # mkdocs documentation 101 | /site 102 | 103 | # mypy 104 | .mypy_cache/ 105 | 106 | # Project-specific 107 | .envrc 108 | .idea 109 | 110 | # Misc 111 | .DS_Store 112 | 113 | # Examples 114 | genesis.block 115 | *channel.tx 116 | *MSP 117 | fabric-ca-client-config.yaml 118 | 119 | # Cosmic ray 120 | *session.sqlite 121 | *session.html 122 | -------------------------------------------------------------------------------- /.travis.yml: -------------------------------------------------------------------------------- 1 | # Based on: https://github.com/LiliC/travis-minikube/blob/minikube-30-kube-1.12/.travis.yml 2 | 3 | sudo: required 4 | 5 | # We need the systemd for the kubeadm and it's default from 16.04+ 6 | dist: xenial 7 | 8 | env: 9 | - CHANGE_MINIKUBE_NONE_USER=true 10 | 11 | language: python 12 | python: 13 | - "3.7-dev" 14 | 15 | addons: 16 | sonarcloud: 17 | organization: "aidtechnology" 18 | 19 | install: 20 | - sudo apt-get install jq 21 | - pip install -r requirements.txt 22 | - pip install codecov 23 | 24 | # Setup Minikube, needed for testing 25 | before_script: 26 | - sudo mount --make-rshared / 27 | # Download kubectl, which is a requirement for using minikube. 28 | - curl -Lo kubectl https://storage.googleapis.com/kubernetes-release/release/v1.12.0/bin/linux/amd64/kubectl && chmod +x kubectl && sudo mv kubectl /usr/local/bin/ 29 | # Download minikube. 30 | - curl -Lo minikube https://storage.googleapis.com/minikube/releases/v0.30.0/minikube-linux-amd64 && chmod +x minikube && sudo mv minikube /usr/local/bin/ 31 | - sudo minikube start --vm-driver=none --bootstrapper=kubeadm --kubernetes-version=v1.12.0 32 | # Fix the kubectl context, as it's often stale. 33 | - minikube update-context 34 | # Wait for Kubernetes to be up and ready. 35 | - JSONPATH='{range .items[*]}{@.metadata.name}:{range @.status.conditions[*]}{@.type}={@.status};{end}{end}'; until kubectl get nodes -o jsonpath="$JSONPATH" 2>&1 | grep -q "Ready=True"; do sleep 1; done 36 | # Start the ingress addon 37 | - sudo minikube addons enable ingress 38 | # Add the minikube IP to the hosts file 39 | - echo "$(minikube ip) ca.nephos.local" | sudo tee -a /etc/hosts 40 | # Install Helm 41 | - sudo apt-get install socat 42 | - curl -Lo /tmp/helm.tar.gz https://kubernetes-helm.storage.googleapis.com/helm-${HELM_VERSION}-linux-amd64.tar.gz 43 | - tar -zxvf /tmp/helm.tar.gz -C /tmp 44 | - sudo mv /tmp/linux-amd64/helm /usr/local/bin/helm 45 | - helm init --wait 46 | # Install Hyperledger Fabric tools 47 | - curl -sSL https://raw.githubusercontent.com/hyperledger/fabric/master/scripts/bootstrap.sh | bash -s ${FABRIC_VERSION} -ds 48 | - export PATH=$(pwd)/bin:$PATH 49 | 50 | # Run tests 51 | script: 52 | - PYTHONPATH=. pytest --ignore=./integration --cov=. --cov-report xml:coverage.xml --cov-report term-missing 53 | - PYTHONPATH=. pytest -x -s ./integration 54 | - sonar-scanner 55 | after_success: 56 | # Code coverage, deploy to PyPI and, when uploading new version, do mutation testing 57 | - ./travis_success.sh 58 | -------------------------------------------------------------------------------- /MANIFEST.in: -------------------------------------------------------------------------------- 1 | include README.md 2 | recursive-include nephos/extras * 3 | -------------------------------------------------------------------------------- /cosmic_ray_config.yaml: -------------------------------------------------------------------------------- 1 | # config.toml 2 | [cosmic-ray] 3 | module-path = "./nephos" 4 | python-version = "" 5 | timeout = 15 6 | exclude-modules = [] 7 | test-command = "pytest" 8 | execution-engine.name = "local" 9 | 10 | [cosmic-ray.cloning] 11 | method = 'copy' 12 | commands = [] 13 | 14 | -------------------------------------------------------------------------------- /docs/Makefile: -------------------------------------------------------------------------------- 1 | # Minimal makefile for Sphinx documentation 2 | # 3 | 4 | # You can set these variables from the command line. 5 | SPHINXOPTS = 6 | SPHINXBUILD = sphinx-build 7 | SOURCEDIR = . 8 | BUILDDIR = _build 9 | 10 | # Put it first so that "make" without argument is like "make help". 11 | help: 12 | @$(SPHINXBUILD) -M help "$(SOURCEDIR)" "$(BUILDDIR)" $(SPHINXOPTS) $(O) 13 | 14 | .PHONY: help Makefile 15 | 16 | # Catch-all target: route all unknown targets to Sphinx using the new 17 | # "make mode" option. $(O) is meant as a shortcut for $(SPHINXOPTS). 18 | %: Makefile 19 | @$(SPHINXBUILD) -M $@ "$(SOURCEDIR)" "$(BUILDDIR)" $(SPHINXOPTS) $(O) -------------------------------------------------------------------------------- /docs/conf.py: -------------------------------------------------------------------------------- 1 | # -*- coding: utf-8 -*- 2 | # 3 | # Configuration file for the Sphinx documentation builder. 4 | # 5 | # This file does only contain a selection of the most common options. For a 6 | # full list see the documentation: 7 | # http://www.sphinx-doc.org/en/master/config 8 | 9 | # -- Path setup -------------------------------------------------------------- 10 | 11 | # If extensions (or modules to document with autodoc) are in another directory, 12 | # add these directories to sys.path here. If the directory is relative to the 13 | # documentation root, use os.path.abspath to make it absolute, like shown here. 14 | 15 | import os 16 | import sys 17 | 18 | sys.path.insert(0, os.path.abspath("../")) 19 | 20 | 21 | # -- Project information ----------------------------------------------------- 22 | 23 | project = "Nephos" 24 | copyright = "2019, Alejandro (Sasha) Vicente Grabovetsky" 25 | author = "Alejandro (Sasha) Vicente Grabovetsky" 26 | 27 | # The short X.Y version 28 | version = "0.2" 29 | # The full version, including alpha/beta/rc tags 30 | release = "0.2.9" 31 | 32 | 33 | # -- General configuration --------------------------------------------------- 34 | 35 | # If your documentation needs a minimal Sphinx version, state it here. 36 | # 37 | # needs_sphinx = '1.0' 38 | 39 | # Add any Sphinx extension module names here, as strings. They can be 40 | # extensions coming with Sphinx (named 'sphinx.ext.*') or your custom 41 | # ones. 42 | extensions = [ 43 | "sphinx.ext.autodoc", 44 | "sphinx.ext.coverage", 45 | "sphinx.ext.viewcode", 46 | "sphinx.ext.githubpages", 47 | "sphinx.ext.napoleon", 48 | "m2r", 49 | ] 50 | 51 | # Add any paths that contain templates here, relative to this directory. 52 | templates_path = ["_templates"] 53 | 54 | # The suffix(es) of source filenames. 55 | # You can specify multiple suffix as a list of string: 56 | # 57 | # source_suffix = ['.rst', '.md'] 58 | source_suffix = ".rst" 59 | 60 | # The master toctree document. 61 | master_doc = "index" 62 | 63 | # The language for content autogenerated by Sphinx. Refer to documentation 64 | # for a list of supported languages. 65 | # 66 | # This is also used if you do content translation via gettext catalogs. 67 | # Usually you set "language" from the command line for these cases. 68 | language = None 69 | 70 | # List of patterns, relative to source directory, that match files and 71 | # directories to ignore when looking for source files. 72 | # This pattern also affects html_static_path and html_extra_path. 73 | exclude_patterns = ["_build", "Thumbs.db", ".DS_Store"] 74 | 75 | # The name of the Pygments (syntax highlighting) style to use. 76 | pygments_style = None 77 | 78 | 79 | # -- Options for HTML output ------------------------------------------------- 80 | 81 | # The theme to use for HTML and HTML Help pages. See the documentation for 82 | # a list of builtin themes. 83 | # 84 | html_theme = "sphinx_rtd_theme" 85 | 86 | # Theme options are theme-specific and customize the look and feel of a theme 87 | # further. For a list of options available for each theme, see the 88 | # documentation. 89 | # 90 | # html_theme_options = {} 91 | 92 | # Add any paths that contain custom static files (such as style sheets) here, 93 | # relative to this directory. They are copied after the builtin static files, 94 | # so a file named "default.css" will overwrite the builtin "default.css". 95 | html_static_path = ["_static"] 96 | 97 | # Custom sidebar templates, must be a dictionary that maps document names 98 | # to template names. 99 | # 100 | # The default sidebars (for documents that don't match any pattern) are 101 | # defined by theme itself. Builtin themes are using these templates by 102 | # default: ``['localtoc.html', 'relations.html', 'sourcelink.html', 103 | # 'searchbox.html']``. 104 | # 105 | # html_sidebars = {} 106 | 107 | 108 | # -- Options for HTMLHelp output --------------------------------------------- 109 | 110 | # Output file base name for HTML help builder. 111 | htmlhelp_basename = "Nephosdoc" 112 | 113 | 114 | # -- Options for LaTeX output ------------------------------------------------ 115 | 116 | latex_elements = { 117 | # The paper size ('letterpaper' or 'a4paper'). 118 | # 119 | # 'papersize': 'letterpaper', 120 | # The font size ('10pt', '11pt' or '12pt'). 121 | # 122 | # 'pointsize': '10pt', 123 | # Additional stuff for the LaTeX preamble. 124 | # 125 | # 'preamble': '', 126 | # Latex figure (float) alignment 127 | # 128 | # 'figure_align': 'htbp', 129 | } 130 | 131 | # Grouping the document tree into LaTeX files. List of tuples 132 | # (source start file, target name, title, 133 | # author, documentclass [howto, manual, or own class]). 134 | latex_documents = [ 135 | ( 136 | master_doc, 137 | "Nephos.tex", 138 | "Nephos Documentation", 139 | "Alejandro (Sasha) Vicente Grabovetsky", 140 | "manual", 141 | ) 142 | ] 143 | 144 | 145 | # -- Options for manual page output ------------------------------------------ 146 | 147 | # One entry per manual page. List of tuples 148 | # (source start file, name, description, authors, manual section). 149 | man_pages = [(master_doc, "nephos", "Nephos Documentation", [author], 1)] 150 | 151 | 152 | # -- Options for Texinfo output ---------------------------------------------- 153 | 154 | # Grouping the document tree into Texinfo files. List of tuples 155 | # (source start file, target name, title, author, 156 | # dir menu entry, description, category) 157 | texinfo_documents = [ 158 | ( 159 | master_doc, 160 | "Nephos", 161 | "Nephos Documentation", 162 | author, 163 | "Nephos", 164 | "One line description of project.", 165 | "Miscellaneous", 166 | ) 167 | ] 168 | 169 | 170 | # -- Options for Epub output ------------------------------------------------- 171 | 172 | # Bibliographic Dublin Core info. 173 | epub_title = project 174 | 175 | # The unique identifier of the text. This can be a ISBN number 176 | # or the project homepage. 177 | # 178 | # epub_identifier = '' 179 | 180 | # A unique identification for the text. 181 | # 182 | # epub_uid = '' 183 | 184 | # A list of files that should not be packed into the epub file. 185 | epub_exclude_files = ["search.html"] 186 | 187 | 188 | # -- Extension configuration ------------------------------------------------- 189 | -------------------------------------------------------------------------------- /docs/index.rst: -------------------------------------------------------------------------------- 1 | .. Nephos documentation master file, created by 2 | sphinx-quickstart on Thu Feb 14 17:39:35 2019. 3 | You can adapt this file completely to your liking, but it should at least 4 | contain the root `toctree` directive. 5 | 6 | Welcome to Nephos's documentation! 7 | ================================== 8 | 9 | .. toctree:: 10 | :maxdepth: 2 11 | :caption: Contents: 12 | 13 | readme 14 | 15 | 16 | Indices and tables 17 | ================== 18 | 19 | * :ref:`genindex` 20 | * :ref:`modindex` 21 | * :ref:`search` 22 | -------------------------------------------------------------------------------- /docs/readme.rst: -------------------------------------------------------------------------------- 1 | .. mdinclude:: ../README.md -------------------------------------------------------------------------------- /docs/source/modules.rst: -------------------------------------------------------------------------------- 1 | nephos 2 | ====== 3 | 4 | .. toctree:: 5 | :maxdepth: 4 6 | 7 | nephos 8 | -------------------------------------------------------------------------------- /docs/source/nephos.composer.rst: -------------------------------------------------------------------------------- 1 | nephos.composer package 2 | ======================= 3 | 4 | Submodules 5 | ---------- 6 | 7 | nephos.composer.connection\_template module 8 | ------------------------------------------- 9 | 10 | .. automodule:: nephos.composer.connection_template 11 | :members: 12 | :undoc-members: 13 | :show-inheritance: 14 | 15 | nephos.composer.install module 16 | ------------------------------ 17 | 18 | .. automodule:: nephos.composer.install 19 | :members: 20 | :undoc-members: 21 | :show-inheritance: 22 | 23 | nephos.composer.upgrade module 24 | ------------------------------ 25 | 26 | .. automodule:: nephos.composer.upgrade 27 | :members: 28 | :undoc-members: 29 | :show-inheritance: 30 | 31 | 32 | Module contents 33 | --------------- 34 | 35 | .. automodule:: nephos.composer 36 | :members: 37 | :undoc-members: 38 | :show-inheritance: 39 | -------------------------------------------------------------------------------- /docs/source/nephos.fabric.rst: -------------------------------------------------------------------------------- 1 | nephos.fabric package 2 | ===================== 3 | 4 | Submodules 5 | ---------- 6 | 7 | nephos.fabric.ca module 8 | ----------------------- 9 | 10 | .. automodule:: nephos.fabric.ca 11 | :members: 12 | :undoc-members: 13 | :show-inheritance: 14 | 15 | nephos.fabric.crypto module 16 | --------------------------- 17 | 18 | .. automodule:: nephos.fabric.crypto 19 | :members: 20 | :undoc-members: 21 | :show-inheritance: 22 | 23 | nephos.fabric.ord module 24 | ------------------------ 25 | 26 | .. automodule:: nephos.fabric.ord 27 | :members: 28 | :undoc-members: 29 | :show-inheritance: 30 | 31 | nephos.fabric.peer module 32 | ------------------------- 33 | 34 | .. automodule:: nephos.fabric.peer 35 | :members: 36 | :undoc-members: 37 | :show-inheritance: 38 | 39 | nephos.fabric.settings module 40 | ----------------------------- 41 | 42 | .. automodule:: nephos.fabric.settings 43 | :members: 44 | :undoc-members: 45 | :show-inheritance: 46 | 47 | nephos.fabric.utils module 48 | -------------------------- 49 | 50 | .. automodule:: nephos.fabric.utils 51 | :members: 52 | :undoc-members: 53 | :show-inheritance: 54 | 55 | 56 | Module contents 57 | --------------- 58 | 59 | .. automodule:: nephos.fabric 60 | :members: 61 | :undoc-members: 62 | :show-inheritance: 63 | -------------------------------------------------------------------------------- /docs/source/nephos.helpers.rst: -------------------------------------------------------------------------------- 1 | nephos.helpers package 2 | ====================== 3 | 4 | Submodules 5 | ---------- 6 | 7 | nephos.helpers.helm module 8 | -------------------------- 9 | 10 | .. automodule:: nephos.helpers.helm 11 | :members: 12 | :undoc-members: 13 | :show-inheritance: 14 | 15 | nephos.helpers.k8s module 16 | ------------------------- 17 | 18 | .. automodule:: nephos.helpers.k8s 19 | :members: 20 | :undoc-members: 21 | :show-inheritance: 22 | 23 | nephos.helpers.misc module 24 | -------------------------- 25 | 26 | .. automodule:: nephos.helpers.misc 27 | :members: 28 | :undoc-members: 29 | :show-inheritance: 30 | 31 | 32 | Module contents 33 | --------------- 34 | 35 | .. automodule:: nephos.helpers 36 | :members: 37 | :undoc-members: 38 | :show-inheritance: 39 | -------------------------------------------------------------------------------- /docs/source/nephos.rst: -------------------------------------------------------------------------------- 1 | nephos package 2 | ============== 3 | 4 | Subpackages 5 | ----------- 6 | 7 | .. toctree:: 8 | 9 | nephos.composer 10 | nephos.fabric 11 | nephos.helpers 12 | 13 | Submodules 14 | ---------- 15 | 16 | nephos.deploy module 17 | -------------------- 18 | 19 | .. automodule:: nephos.deploy 20 | :members: 21 | :undoc-members: 22 | :show-inheritance: 23 | 24 | nephos.runners module 25 | --------------------- 26 | 27 | .. automodule:: nephos.runners 28 | :members: 29 | :undoc-members: 30 | :show-inheritance: 31 | 32 | nephos.upgrade\_v11x module 33 | --------------------------- 34 | 35 | .. automodule:: nephos.upgrade_v11x 36 | :members: 37 | :undoc-members: 38 | :show-inheritance: 39 | 40 | 41 | Module contents 42 | --------------- 43 | 44 | .. automodule:: nephos 45 | :members: 46 | :undoc-members: 47 | :show-inheritance: 48 | -------------------------------------------------------------------------------- /examples/ca-nephos-local.crt: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIIFNDCCAxwCCQCYygRMy/3XDzANBgkqhkiG9w0BAQsFADBcMQswCQYDVQQGEwJJ 3 | RTEPMA0GA1UECAwGRHVibGluMQ8wDQYDVQQHDAZEdWJsaW4xETAPBgNVBAoMCEFJ 4 | RDpUZWNoMRgwFgYDVQQDDA9jYS5uZXBob3MubG9jYWwwHhcNMTkwMjI2MDQ1MTM5 5 | WhcNMjkwMjIzMDQ1MTM5WjBcMQswCQYDVQQGEwJJRTEPMA0GA1UECAwGRHVibGlu 6 | MQ8wDQYDVQQHDAZEdWJsaW4xETAPBgNVBAoMCEFJRDpUZWNoMRgwFgYDVQQDDA9j 7 | YS5uZXBob3MubG9jYWwwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDL 8 | M4gPH5Y8gW8FTSi+nGm0614vd9xlDwTTff116vbUt2XiP17uycAr3ix70nrWsmhJ 9 | ysZrPWk31tJcLN5iqaavYn2iUGYxR+y3comaBdHxKZ8IaC+gz7dNLQco8Hs1oqTI 10 | 9RzXPd9tkH8BL7uML7Wlau6mLF06nLAwATdbiLlONkH5T1tFV1hby+7Jhn3AyQ0c 11 | XB5ki8p7F7fMRFkYuVwMzrlqdfOHhkd3eRd+LL6zkPdNqbvXgXMO8JaruCR4drEA 12 | BYRUR05cGCHEH+OA6g2RNSn+6YprJ1kqDXYoznp+wvEXe5HbjzonY+zkpgtkaBot 13 | 0n6dSNKvyoQu8Et0i0PSHojI97+s90zM1H1QeXlL223khzAF8uHzuwAkPKirHbWe 14 | ZZIVHV6FKrHsLEb8dxerqug2zQHipNOY/tNQ4idtLN+2383i1q6CynNMb736DB4K 15 | pkNB5pIf/k9dneUpsQRwV1k3SIalzVdaKb5vFLB9a9o73Yj7tu05Bftv19wycjWP 16 | qw3ymJjxrQ3Q1nIGxn9YaR68U/pnkJF3L7qIl+0DmYFFDV7WUn5k7B6hw1mtsVup 17 | Q8ew/DNod5yzyTrFLmp+3TVGYP4eHWpHGloa81cKfqP6cdAGjDO/qU7v1+d8UJtd 18 | qPNKKemK8BMWaCw6i81UCaGam6chWrPJrrhHR3pEnwIDAQABMA0GCSqGSIb3DQEB 19 | CwUAA4ICAQBd26I4OIQ/dIzW4zkZh01dBmjwGnbRKw4XsUKxqsEZLYfryWPQ66K/ 20 | XjGmrLOxo2Cyn2g9Ls5BF/KJWst6vQTLDlSw8xLWdUwfL2IGiBylhZL4Ejnr0Dxn 21 | gI9SkvclhGwcNqRh+/IPoYo47MeuBDx8AR+UepG+TF1beRkgYNjDt3t3Vc2JRXvk 22 | b7F4rKyy06SxWDZbnTH5zzejOwiN/kUEz8/k4UO4mHgJnTHl1OeoHElSPXLr+CQI 23 | L+AYjI578A35o+PLAVT6Z8EcZpHIt8S5V2b/xfBEkiGy8xsLMBMZ8FUGyGfkoOt3 24 | p6qHcVk94Kejxuj+ZUoXNyHxTar0Q1qo7hFwH/FBA0VYCug6INPyb5StU11AfulK 25 | 4lvEHCjRqpnZGXSVhmcJwsYdvw1x8dqKUkjRV5i8Au5Nfmrj1W/WdhcDTCQTc7wP 26 | B9v9GaGL6jBG88xq326UwYw3cq6g6bwFCwIAxj98XmyNx65gqzpTmNXQlPvfXJXn 27 | Vn6J3ALwFXeCPC8KiSyUT2wOmSrgKFbyQlft9B0oDl7HkM5EDVsHnqQX9zaeOoHt 28 | kPd9C3D6kl42YecxLxktvQBVGg3wrEEVj+p84+VxIqOFJg8M6GCwkEMkTbt/65Vc 29 | m73xxCb+tq6yDq88TSH0NuKLAVNaLx599E2R+wIrM3pMh/NftdRpAA== 30 | -----END CERTIFICATE----- 31 | -------------------------------------------------------------------------------- /examples/ca-nephos-local.key: -------------------------------------------------------------------------------- 1 | -----BEGIN PRIVATE KEY----- 2 | MIIJQwIBADANBgkqhkiG9w0BAQEFAASCCS0wggkpAgEAAoICAQDLM4gPH5Y8gW8F 3 | TSi+nGm0614vd9xlDwTTff116vbUt2XiP17uycAr3ix70nrWsmhJysZrPWk31tJc 4 | LN5iqaavYn2iUGYxR+y3comaBdHxKZ8IaC+gz7dNLQco8Hs1oqTI9RzXPd9tkH8B 5 | L7uML7Wlau6mLF06nLAwATdbiLlONkH5T1tFV1hby+7Jhn3AyQ0cXB5ki8p7F7fM 6 | RFkYuVwMzrlqdfOHhkd3eRd+LL6zkPdNqbvXgXMO8JaruCR4drEABYRUR05cGCHE 7 | H+OA6g2RNSn+6YprJ1kqDXYoznp+wvEXe5HbjzonY+zkpgtkaBot0n6dSNKvyoQu 8 | 8Et0i0PSHojI97+s90zM1H1QeXlL223khzAF8uHzuwAkPKirHbWeZZIVHV6FKrHs 9 | LEb8dxerqug2zQHipNOY/tNQ4idtLN+2383i1q6CynNMb736DB4KpkNB5pIf/k9d 10 | neUpsQRwV1k3SIalzVdaKb5vFLB9a9o73Yj7tu05Bftv19wycjWPqw3ymJjxrQ3Q 11 | 1nIGxn9YaR68U/pnkJF3L7qIl+0DmYFFDV7WUn5k7B6hw1mtsVupQ8ew/DNod5yz 12 | yTrFLmp+3TVGYP4eHWpHGloa81cKfqP6cdAGjDO/qU7v1+d8UJtdqPNKKemK8BMW 13 | aCw6i81UCaGam6chWrPJrrhHR3pEnwIDAQABAoICAQC76MqQmbg3+cXuFB1yr3g9 14 | W088/E2uksX2wlLqgb+ClJq+L7YdgiqZJpriYpFAC7nPS5pTv3WWsqzTmpaIjLRd 15 | Cep+eHUYa5fnSR8gdPNhXgj4IEizIIM09kfhvwlhXyedwrXKAiikzHP2Z+q6x7/l 16 | 2c4Zk3sfYZi4u9cyaWxbfGdkItOXex91vE/0ws91wTbDnBhrCK7VR+irGCWAbKFI 17 | Ir9qSOtMz4s1W6CzCLPNoGhhxG2167q3/RqIcAAh+jjSeUeXHF3FYnePQ6ICK+8h 18 | 8hUE63kagEe/ULWNJOw4XxPOkHIgpQG1PX3rL/XnAzH6X+bAkoBrGg9EzOgqPUMX 19 | 3M6fNIUKF1pu5An7JArp13HWLufDya3L4+pBlyzv3CkfSqNlyoTllJHdq8gDi1PJ 20 | kzrIFqqbNEoZ0NBnUtl2AeUn6B4j+SfZdic8JVneqssPjfyd65+S9qPcniXMtWUS 21 | LRnDJZS5Lz1+kIbcD8UskGASCbinA+FF1MAGMYlJRGd5cuFJMHlnoTElQgPg3jtt 22 | xAqMwPcfpJDqqRm2/Cp1RKzaYXK08f4qzWnrX6YctZGCszz7YURG0o7uHJ9ttGDU 23 | gF0zyUSSR+vbQcSB+qSnBrxYbKN2VDQs3hMmsBYK9jmhl+xig7chxDFDMVXSr2Kq 24 | UlQr2VqYa3wZkOeHA1dqgQKCAQEA7+4yvCFMtDfLUmY5Ppkxvd9kB8jRf4HlVbF3 25 | R6aHmsNBO3QN9I/bhMvlTs3xKeEV6NRKd5DwOG3klX6WgyCeb8d1wVmobuls5oNp 26 | 7dnX6Wmb17a/BMUB6TuFeu90xvD+LnfLgEJFrNK9K6By4BNxhKGg1XvSc6iTAeIg 27 | P/x/dMsP+mACj/KIHn9BwLhjS6xiZe5HXBONLIMWAsomYXCKhlcH+QRqxwoufxRs 28 | ZGadAbNLhk8mWpPaMf5KhnMF1xetZEJkg8enD+VprQDkVvD51HGcYzQuN4/DQdqR 29 | W+HPOowDZGV9yucNYRbrLGpNmt945yu9PWvDvT2hRL6OMGtVwQKCAQEA2M+U/7Uk 30 | JcgbCEF6gzQ4gH6IRE7+aQUBAJ4RtTW+e+JYJbeVe0Ifg765mqUkYOVgqVPVAsCE 31 | Mlg0QwjayAz3hUTJD6k+fjV6IK0hZ9UwQPvvvgTz4imUe3LdHeBgL+NejQIdQ4Wa 32 | yXG+wW2V2oI9NnU05gChJNqGKpkCVjijTHzPjrTSlJDV17tAf+AkOqV+OWQqJ1Ny 33 | fhufANRi2NHaMbea/fgu8XcBbaHmbL5FbNG5EvjAklvhqPuUKIEV8rdrV4vI4HFS 34 | K5tDs7bPuXqQ4GLFOMC5vtpPvE/ZRvxf34mPX+4iirR9q9TD3RQ9cDysmiw9BSCd 35 | lp3JtLuVP9XyXwKCAQEAmGzoWHKDS17C0ddVeLpUSn74CqX+yhWYv6cd0ywtrBlt 36 | gLrK/trBqAzs4fKdynBPvfnYUTuIESFnfb3NGwMHBJZf7fTqt4OeBpfoHQ4vR/8q 37 | 3ZEgq4QJIcYJl782ngiOQrEiXJo9r3y2Z1fogwh3Lr6L8fRXD9lBg4nH2T6tLmKv 38 | BO4n0pFO/qjz+d5qXrHmVUFanllhb6zbt+v7FB4uMwhpbT7sIwUJ4vvznJlAF8tz 39 | KKFyCUsy7F3TtLSwOiS1qCMxvjKBpOynBRyy87Tl0pxWsQN+dRflARo9DHVZdKVs 40 | pkR/9P5yloK75xylrsVYBuzXrYSf9sKHiKfSp1oZQQKCAQBahrIL4rJpJBhFZjGl 41 | PtSosixreSA48WHtxBJYu0wBpgxwEytS/9TwyV3t+C4sVxn5GYvDTmbkLngD1Vqk 42 | VOW0u3fIFj6FrAaGRkPAev9e4tLDYIYEVKAuu1Mf+mOvGxyLe+qEGvD6U4f2c68y 43 | QVcVufKQZoriPGvwtVqIbbWhZiuzxkR2y9K99O2Fdy0pX5hIlk4ThYA0r4vAaO2s 44 | 4lJcl/EbQdk38RyjjgoMNZX/TcIc7chaVArw57qA/wUPBw7GyxLgw/AvTPEDxL0P 45 | EOIVDqiSfcYQrk7ErgJm5VGSoHlA8MlzaNFgQcJWOPE+P9dBuF7yGSAzl0Z1NC2p 46 | Lce5AoIBABbw3qHElQSCwW/3gZ4iDfKx0yFa+M03e4HzOpUXhK1PQcZ7PBFH8m84 47 | GlwAhiFB0JQZGSznnYvpTZkhJ8P1Zlf6XXW7XCnwU7ayvWdiU5iUvbVaa1FTcPkH 48 | t48CLW97lHgojQ7kpGGIkItCivShNvkT66L5V0Ybpz8wdbonml1b5/VbYPaY/IrZ 49 | x3SlwEwyAEBq4dxZV6yOttDlCsIavBe2m3GyuWyHApzssUf9ZHl4HNQi4bhqXNEW 50 | H0ciDhhAxoQjnr+EIwv9jRcAdxwm+irlLF2mGPYvgbw0nQ3r2IXrNRs45jefWq2j 51 | USkaxbJJb6NjUjD+lbgfeFLW5gMeTvM= 52 | -----END PRIVATE KEY----- 53 | -------------------------------------------------------------------------------- /examples/ca-nephos-local.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIIFNDCCAxwCCQCYygRMy/3XDzANBgkqhkiG9w0BAQsFADBcMQswCQYDVQQGEwJJ 3 | RTEPMA0GA1UECAwGRHVibGluMQ8wDQYDVQQHDAZEdWJsaW4xETAPBgNVBAoMCEFJ 4 | RDpUZWNoMRgwFgYDVQQDDA9jYS5uZXBob3MubG9jYWwwHhcNMTkwMjI2MDQ1MTM5 5 | WhcNMjkwMjIzMDQ1MTM5WjBcMQswCQYDVQQGEwJJRTEPMA0GA1UECAwGRHVibGlu 6 | MQ8wDQYDVQQHDAZEdWJsaW4xETAPBgNVBAoMCEFJRDpUZWNoMRgwFgYDVQQDDA9j 7 | YS5uZXBob3MubG9jYWwwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDL 8 | M4gPH5Y8gW8FTSi+nGm0614vd9xlDwTTff116vbUt2XiP17uycAr3ix70nrWsmhJ 9 | ysZrPWk31tJcLN5iqaavYn2iUGYxR+y3comaBdHxKZ8IaC+gz7dNLQco8Hs1oqTI 10 | 9RzXPd9tkH8BL7uML7Wlau6mLF06nLAwATdbiLlONkH5T1tFV1hby+7Jhn3AyQ0c 11 | XB5ki8p7F7fMRFkYuVwMzrlqdfOHhkd3eRd+LL6zkPdNqbvXgXMO8JaruCR4drEA 12 | BYRUR05cGCHEH+OA6g2RNSn+6YprJ1kqDXYoznp+wvEXe5HbjzonY+zkpgtkaBot 13 | 0n6dSNKvyoQu8Et0i0PSHojI97+s90zM1H1QeXlL223khzAF8uHzuwAkPKirHbWe 14 | ZZIVHV6FKrHsLEb8dxerqug2zQHipNOY/tNQ4idtLN+2383i1q6CynNMb736DB4K 15 | pkNB5pIf/k9dneUpsQRwV1k3SIalzVdaKb5vFLB9a9o73Yj7tu05Bftv19wycjWP 16 | qw3ymJjxrQ3Q1nIGxn9YaR68U/pnkJF3L7qIl+0DmYFFDV7WUn5k7B6hw1mtsVup 17 | Q8ew/DNod5yzyTrFLmp+3TVGYP4eHWpHGloa81cKfqP6cdAGjDO/qU7v1+d8UJtd 18 | qPNKKemK8BMWaCw6i81UCaGam6chWrPJrrhHR3pEnwIDAQABMA0GCSqGSIb3DQEB 19 | CwUAA4ICAQBd26I4OIQ/dIzW4zkZh01dBmjwGnbRKw4XsUKxqsEZLYfryWPQ66K/ 20 | XjGmrLOxo2Cyn2g9Ls5BF/KJWst6vQTLDlSw8xLWdUwfL2IGiBylhZL4Ejnr0Dxn 21 | gI9SkvclhGwcNqRh+/IPoYo47MeuBDx8AR+UepG+TF1beRkgYNjDt3t3Vc2JRXvk 22 | b7F4rKyy06SxWDZbnTH5zzejOwiN/kUEz8/k4UO4mHgJnTHl1OeoHElSPXLr+CQI 23 | L+AYjI578A35o+PLAVT6Z8EcZpHIt8S5V2b/xfBEkiGy8xsLMBMZ8FUGyGfkoOt3 24 | p6qHcVk94Kejxuj+ZUoXNyHxTar0Q1qo7hFwH/FBA0VYCug6INPyb5StU11AfulK 25 | 4lvEHCjRqpnZGXSVhmcJwsYdvw1x8dqKUkjRV5i8Au5Nfmrj1W/WdhcDTCQTc7wP 26 | B9v9GaGL6jBG88xq326UwYw3cq6g6bwFCwIAxj98XmyNx65gqzpTmNXQlPvfXJXn 27 | Vn6J3ALwFXeCPC8KiSyUT2wOmSrgKFbyQlft9B0oDl7HkM5EDVsHnqQX9zaeOoHt 28 | kPd9C3D6kl42YecxLxktvQBVGg3wrEEVj+p84+VxIqOFJg8M6GCwkEMkTbt/65Vc 29 | m73xxCb+tq6yDq88TSH0NuKLAVNaLx599E2R+wIrM3pMh/NftdRpAA== 30 | -----END CERTIFICATE----- 31 | -------------------------------------------------------------------------------- /examples/certManagerCI_production.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: certmanager.k8s.io/v1alpha1 2 | kind: ClusterIssuer 3 | metadata: 4 | name: letsencrypt-production 5 | spec: 6 | acme: 7 | # The ACME server URL 8 | server: https://acme-v02.api.letsencrypt.org/directory 9 | # Email address used for ACME registration 10 | # TODO: Change email address to yours 11 | email: youremail@example.com 12 | # Name of a secret used to store the ACME account private key 13 | privateKeySecretRef: 14 | name: letsencrypt-production 15 | # Enable the HTTP-01 challenge provider 16 | http01: {} 17 | -------------------------------------------------------------------------------- /examples/certManagerCI_staging.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: certmanager.k8s.io/v1alpha1 2 | kind: ClusterIssuer 3 | metadata: 4 | name: letsencrypt-staging 5 | spec: 6 | acme: 7 | # The ACME server URL 8 | server: https://acme-staging-v02.api.letsencrypt.org/directory 9 | # Email address used for ACME registration 10 | # TODO: Change email address to yours 11 | email: youremail@example.com 12 | # Name of a secret used to store the ACME account private key 13 | privateKeySecretRef: 14 | name: letsencrypt-staging 15 | # Enable the HTTP-01 challenge provider 16 | http01: {} 17 | -------------------------------------------------------------------------------- /examples/dev/config/configtx.yaml: -------------------------------------------------------------------------------- 1 | # Copyright IBM Corp. All Rights Reserved. 2 | # 3 | # SPDX-License-Identifier: Apache-2.0 4 | # 5 | 6 | ################################################################################ 7 | # 8 | # Section: Organizations 9 | # 10 | # - This section defines the different organizational identities which will 11 | # be referenced later in the configuration. 12 | # 13 | ################################################################################ 14 | Organizations: 15 | 16 | # Organisation controlling Orderers 17 | - &OrdererOrg 18 | # DefaultOrg defines the organization which is used in the sampleconfig 19 | # of the fabric.git development environment 20 | Name: OrdererOrg 21 | 22 | # ID to load the MSP definition as 23 | ID: OrdererMSP 24 | 25 | # MSPDir is the filesystem path which contains the MSP configuration 26 | MSPDir: ../crypto/crypto-config/ordererOrganizations/orderers.svc.cluster.local/msp 27 | 28 | # turn off security for the channel 29 | AdminPrincipal: Role.MEMBER 30 | 31 | # Organisation controlling Peers 32 | - &PeerOrg 33 | Name: PeerOrg 34 | 35 | # ID to load the MSP definition as 36 | ID: PeerMSP 37 | 38 | MSPDir: ../crypto/crypto-config/peerOrganizations/peers.svc.cluster.local/msp 39 | 40 | # turn off security for the peer 41 | AdminPrincipal: Role.MEMBER 42 | 43 | AnchorPeers: 44 | # AnchorPeers defines the location of peers that can be used 45 | # for cross org gossip communication. Note, this value is only 46 | # encoded in the genesis block in the Application section context 47 | - Host: peer1-hlf-peer.peers.svc.cluster.local 48 | Port: 7051 49 | 50 | ################################################################################ 51 | # 52 | # SECTION: Orderer 53 | # 54 | # - This section defines the values to encode into a config transaction or 55 | # genesis block for orderer related parameters 56 | # 57 | ################################################################################ 58 | Orderer: &OrdererDefaults 59 | 60 | # Orderer Type: The orderer implementation to start 61 | # Available types are "solo" and "kafka" 62 | OrdererType: solo 63 | 64 | Addresses: 65 | - ord1-hlf-ord.orderers.svc.cluster.local:7050 66 | 67 | # Batch Timeout: The amount of time to wait before creating a batch 68 | BatchTimeout: 2s 69 | 70 | # Batch Size: Controls the number of messages batched into a block 71 | BatchSize: 72 | 73 | # Max Message Count: The maximum number of messages to permit in a batch 74 | MaxMessageCount: 10 75 | 76 | # Absolute Max Bytes: The absolute maximum number of bytes allowed for 77 | # the serialized messages in a batch. 78 | AbsoluteMaxBytes: 98 MB 79 | 80 | # Preferred Max Bytes: The preferred maximum number of bytes allowed for 81 | # the serialized messages in a batch. A message larger than the preferred 82 | # max bytes will result in a batch larger than preferred max bytes. 83 | PreferredMaxBytes: 512 KB 84 | 85 | Kafka: 86 | # Brokers: A list of Kafka brokers to which the orderer connects 87 | # If using K8S, we specify the service exposing the brokers 88 | # NOTE: Use Address/IP:port notation 89 | Brokers: 90 | - kafka-hlf.orderers.svc.cluster.local:9092 91 | 92 | # Organizations is the list of orgs which are defined as participants on 93 | # the orderer side of the network 94 | Organizations: 95 | 96 | ################################################################################ 97 | # 98 | # SECTION: Application 99 | # 100 | # - This section defines the values to encode into a config transaction or 101 | # genesis block for application related parameters 102 | # 103 | ################################################################################ 104 | Application: &ApplicationDefaults 105 | 106 | # Organizations is the list of orgs which are defined as participants on 107 | # the application side of the network 108 | Organizations: 109 | 110 | ################################################################################ 111 | # 112 | # Profile 113 | # 114 | # - Different configuration profiles may be encoded here to be specified 115 | # as parameters to the configtxgen tool 116 | # 117 | ################################################################################ 118 | Profiles: 119 | 120 | OrdererGenesis: 121 | Orderer: 122 | <<: *OrdererDefaults 123 | Organizations: 124 | - *OrdererOrg 125 | Consortiums: 126 | MyConsortium: 127 | Organizations: 128 | - *PeerOrg 129 | MyChannel: 130 | Consortium: MyConsortium 131 | Application: 132 | <<: *ApplicationDefaults 133 | Organizations: 134 | - *PeerOrg 135 | -------------------------------------------------------------------------------- /examples/dev/config/crypto-config.yaml: -------------------------------------------------------------------------------- 1 | # Copyright IBM Corp. All Rights Reserved. 2 | # 3 | # SPDX-License-Identifier: Apache-2.0 4 | # 5 | 6 | # --------------------------------------------------------------------------- 7 | # "OrdererOrgs" - Definition of organizations managing orderer nodes 8 | # --------------------------------------------------------------------------- 9 | OrdererOrgs: 10 | # --------------------------------------------------------------------------- 11 | # OrdererOrg 12 | # --------------------------------------------------------------------------- 13 | - Name: OrdererOrg 14 | Domain: orderers.svc.cluster.local 15 | # --------------------------------------------------------------------------- 16 | # "Specs" - See PeerOrgs below for complete description 17 | # --------------------------------------------------------------------------- 18 | Specs: 19 | - Hostname: ord1-hlf-ord 20 | # --------------------------------------------------------------------------- 21 | # "PeerOrgs" - Definition of organizations managing peer nodes 22 | # --------------------------------------------------------------------------- 23 | PeerOrgs: 24 | # --------------------------------------------------------------------------- 25 | # PeerOrg 26 | # --------------------------------------------------------------------------- 27 | - Name: PeerOrg 28 | Domain: peers.svc.cluster.local 29 | # --------------------------------------------------------------------------- 30 | # "Specs" 31 | # --------------------------------------------------------------------------- 32 | # Uncomment this section to enable the explicit definition of hosts in your 33 | # configuration. Most users will want to use Template, below 34 | # 35 | # Specs is an array of Spec entries. Each Spec entry consists of two fields: 36 | # - Hostname: (Required) The desired hostname, sans the domain. 37 | # - CommonName: (Optional) Specifies the template or explicit override for 38 | # the CN. By default, this is the template: 39 | # 40 | # "{{.Hostname}}.{{.Domain}}" 41 | # 42 | # which obtains its values from the Spec.Hostname and 43 | # Org.Domain, respectively. 44 | # --------------------------------------------------------------------------- 45 | # Specs: 46 | # - Hostname: foo # implicitly "foo.org1.example.com" 47 | # CommonName: foo27.org5.example.com # overrides Hostname-based FQDN set above 48 | # - Hostname: bar 49 | # - Hostname: baz 50 | # --------------------------------------------------------------------------- 51 | # "Template" 52 | # --------------------------------------------------------------------------- 53 | # Allows for the definition of 1 or more hosts that are created sequentially 54 | # from a template. By default, this looks like "peer%d" from 0 to Count-1. 55 | # You may override the number of nodes (Count), the starting index (Start) 56 | # or the template used to construct the name (Hostname). 57 | # 58 | # Note: Template and Specs are not mutually exclusive. You may define both 59 | # sections and the aggregate nodes will be created for you. Take care with 60 | # name collisions 61 | # --------------------------------------------------------------------------- 62 | Template: 63 | Count: 1 64 | Start: 1 65 | Hostname: "{{.Prefix}}{{.Index}}-hlf-peer" # default 66 | # --------------------------------------------------------------------------- 67 | # "Users" 68 | # --------------------------------------------------------------------------- 69 | # Count: The number of user accounts _in addition_ to Admin 70 | # --------------------------------------------------------------------------- 71 | Users: 72 | Count: 0 73 | -------------------------------------------------------------------------------- /examples/dev/config/fabric-ca-client-config.yaml: -------------------------------------------------------------------------------- 1 | 2 | ############################################################################# 3 | # This is a configuration file for the fabric-ca-client command. 4 | # 5 | # COMMAND LINE ARGUMENTS AND ENVIRONMENT VARIABLES 6 | # ------------------------------------------------ 7 | # Each configuration element can be overridden via command line 8 | # arguments or environment variables. The precedence for determining 9 | # the value of each element is as follows: 10 | # 1) command line argument 11 | # Examples: 12 | # a) --url https://localhost:7054 13 | # To set the fabric-ca server url 14 | # b) --tls.client.certfile certfile.pem 15 | # To set the client certificate for TLS 16 | # 2) environment variable 17 | # Examples: 18 | # a) FABRIC_CA_CLIENT_URL=https://localhost:7054 19 | # To set the fabric-ca server url 20 | # b) FABRIC_CA_CLIENT_TLS_CLIENT_CERTFILE=certfile.pem 21 | # To set the client certificate for TLS 22 | # 3) configuration file 23 | # 4) default value (if there is one) 24 | # All default values are shown beside each element below. 25 | # 26 | # FILE NAME ELEMENTS 27 | # ------------------ 28 | # The value of all fields whose name ends with "file" or "files" are 29 | # name or names of other files. 30 | # For example, see "tls.certfiles" and "tls.client.certfile". 31 | # The value of each of these fields can be a simple filename, a 32 | # relative path, or an absolute path. If the value is not an 33 | # absolute path, it is interpretted as being relative to the location 34 | # of this configuration file. 35 | # 36 | ############################################################################# 37 | 38 | ############################################################################# 39 | # Client Configuration 40 | ############################################################################# 41 | 42 | # URL of the Fabric-ca-server (default: http://localhost:7054) 43 | url: 44 | 45 | # Membership Service Provider (MSP) directory 46 | # This is useful when the client is used to enroll a peer or orderer, so 47 | # that the enrollment artifacts are stored in the format expected by MSP. 48 | mspdir: 49 | 50 | ############################################################################# 51 | # TLS section for secure socket connection 52 | # 53 | # certfiles - PEM-encoded list of trusted root certificate files 54 | # client: 55 | # certfile - PEM-encoded certificate file for when client authentication 56 | # is enabled on server 57 | # keyfile - PEM-encoded key file for when client authentication 58 | # is enabled on server 59 | ############################################################################# 60 | tls: 61 | # TLS section for secure socket connection 62 | certfiles: 63 | client: 64 | certfile: 65 | keyfile: 66 | 67 | ############################################################################# 68 | # Certificate Signing Request section for generating the CSR for an 69 | # enrollment certificate (ECert) 70 | # 71 | # cn - Used by CAs to determine which domain the certificate is to be generated for 72 | # 73 | # serialnumber - The serialnumber field, if specified, becomes part of the issued 74 | # certificate's DN (Distinguished Name). For example, one use case for this is 75 | # a company with its own CA (Certificate Authority) which issues certificates 76 | # to its employees and wants to include the employee's serial number in the DN 77 | # of its issued certificates. 78 | # WARNING: The serialnumber field should not be confused with the certificate's 79 | # serial number which is set by the CA but is not a component of the 80 | # certificate's DN. 81 | # 82 | # names - A list of name objects. Each name object should contain at least one 83 | # "C", "L", "O", or "ST" value (or any combination of these) where these 84 | # are abbreviations for the following: 85 | # "C": country 86 | # "L": locality or municipality (such as city or town name) 87 | # "O": organization 88 | # "OU": organizational unit, such as the department responsible for owning the key; 89 | # it can also be used for a "Doing Business As" (DBS) name 90 | # "ST": the state or province 91 | # 92 | # Note that the "OU" or organizational units of an ECert are always set according 93 | # to the values of the identities type and affiliation. OUs are calculated for an enroll 94 | # as OU=, OU=, ..., OU=. For example, an identity 95 | # of type "client" with an affiliation of "org1.dept2.team3" would have the following 96 | # organizational units: OU=client, OU=org1, OU=dept2, OU=team3 97 | # 98 | # hosts - A list of host names for which the certificate should be valid 99 | # 100 | ############################################################################# 101 | csr: 102 | cn: ord-admin 103 | serialnumber: 104 | names: 105 | - C: IE 106 | ST: Dublin 107 | L: 108 | O: "AID:Tech" 109 | OU: Blockchain 110 | hosts: 111 | - Alejandros-MacBook-Pro.local 112 | 113 | ############################################################################# 114 | # Registration section used to register a new identity with fabric-ca server 115 | # 116 | # name - Unique name of the identity 117 | # type - Type of identity being registered (e.g. 'peer, app, user') 118 | # affiliation - The identity's affiliation 119 | # maxenrollments - The maximum number of times the secret can be reused to enroll. 120 | # Specially, -1 means unlimited; 0 means to use CA's max enrollment 121 | # value. 122 | # attributes - List of name/value pairs of attribute for identity 123 | ############################################################################# 124 | id: 125 | name: 126 | type: 127 | affiliation: 128 | maxenrollments: 0 129 | attributes: 130 | # - name: 131 | # value: 132 | 133 | ############################################################################# 134 | # Enrollment section used to enroll an identity with fabric-ca server 135 | # 136 | # profile - Name of the signing profile to use in issuing the certificate 137 | # label - Label to use in HSM operations 138 | ############################################################################# 139 | enrollment: 140 | profile: 141 | label: 142 | 143 | ############################################################################# 144 | # Name of the CA to connect to within the fabric-ca server 145 | ############################################################################# 146 | caname: 147 | 148 | ############################################################################# 149 | # BCCSP (BlockChain Crypto Service Provider) section allows to select which 150 | # crypto implementation library to use 151 | ############################################################################# 152 | bccsp: 153 | default: SW 154 | sw: 155 | hash: SHA2 156 | security: 256 157 | filekeystore: 158 | # The directory used for the software file-based keystore 159 | keystore: msp/keystore 160 | -------------------------------------------------------------------------------- /examples/dev/crypto/crypto-config/ordererOrganizations/orderers.svc.cluster.local/ca/b7920824afa4f50db95e2354581ab7461841a53bf64c0386064369f09ba59a4f_sk: -------------------------------------------------------------------------------- 1 | -----BEGIN PRIVATE KEY----- 2 | MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgNj0WDUGjcQsS1vK5 3 | lSOyko3NU5itGyO9BMIqAQvoA3KhRANCAASd5BQ6xSe9gX3+8dF96oV9QYm+IeqT 4 | BrO69UckzB95zD84mA1pOvBufnMZG/+6qJiiujU4M30ehuGNfp1BmoOi 5 | -----END PRIVATE KEY----- 6 | -------------------------------------------------------------------------------- /examples/dev/crypto/crypto-config/ordererOrganizations/orderers.svc.cluster.local/ca/ca.orderers.svc.cluster.local-cert.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIICbTCCAhSgAwIBAgIRANaurOkJgyWjBbz1eBGsiuAwCgYIKoZIzj0EAwIwgYcx 3 | CzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQHEw1TYW4g 4 | RnJhbmNpc2NvMSMwIQYDVQQKExpvcmRlcmVycy5zdmMuY2x1c3Rlci5sb2NhbDEm 5 | MCQGA1UEAxMdY2Eub3JkZXJlcnMuc3ZjLmNsdXN0ZXIubG9jYWwwHhcNMTkwMTIz 6 | MTExNzAwWhcNMjkwMTIwMTExNzAwWjCBhzELMAkGA1UEBhMCVVMxEzARBgNVBAgT 7 | CkNhbGlmb3JuaWExFjAUBgNVBAcTDVNhbiBGcmFuY2lzY28xIzAhBgNVBAoTGm9y 8 | ZGVyZXJzLnN2Yy5jbHVzdGVyLmxvY2FsMSYwJAYDVQQDEx1jYS5vcmRlcmVycy5z 9 | dmMuY2x1c3Rlci5sb2NhbDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABJ3kFDrF 10 | J72Bff7x0X3qhX1Bib4h6pMGs7r1RyTMH3nMPziYDWk68G5+cxkb/7qomKK6NTgz 11 | fR6G4Y1+nUGag6KjXzBdMA4GA1UdDwEB/wQEAwIBpjAPBgNVHSUECDAGBgRVHSUA 12 | MA8GA1UdEwEB/wQFMAMBAf8wKQYDVR0OBCIEILeSCCSvpPUNuV4jVFgat0YYQaU7 13 | 9kwDhgZDafCbpZpPMAoGCCqGSM49BAMCA0cAMEQCIEL/w4/WezPRkzQ3XNmMMgBI 14 | oh1/c1aZwnz8qooV/YtLAiBtPpTKCdeF8Ifu+Za5mPahHX1GBTovQzYV83TbAjaK 15 | Ag== 16 | -----END CERTIFICATE----- 17 | -------------------------------------------------------------------------------- /examples/dev/crypto/crypto-config/ordererOrganizations/orderers.svc.cluster.local/msp/admincerts/Admin@orderers.svc.cluster.local-cert.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIICOTCCAd+gAwIBAgIRANVWKs/YCJUfyQH4hC5QCBcwCgYIKoZIzj0EAwIwgYcx 3 | CzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQHEw1TYW4g 4 | RnJhbmNpc2NvMSMwIQYDVQQKExpvcmRlcmVycy5zdmMuY2x1c3Rlci5sb2NhbDEm 5 | MCQGA1UEAxMdY2Eub3JkZXJlcnMuc3ZjLmNsdXN0ZXIubG9jYWwwHhcNMTkwMTIz 6 | MTExNzAwWhcNMjkwMTIwMTExNzAwWjBlMQswCQYDVQQGEwJVUzETMBEGA1UECBMK 7 | Q2FsaWZvcm5pYTEWMBQGA1UEBxMNU2FuIEZyYW5jaXNjbzEpMCcGA1UEAwwgQWRt 8 | aW5Ab3JkZXJlcnMuc3ZjLmNsdXN0ZXIubG9jYWwwWTATBgcqhkjOPQIBBggqhkjO 9 | PQMBBwNCAAQnRl9U0lk2/3lxNaaP6oroVun4g323ndXzYtvLMDGsNODjLu32Te4r 10 | ocK+c5uXap+dqSYkNjNhL9ga7+sVa9kto00wSzAOBgNVHQ8BAf8EBAMCB4AwDAYD 11 | VR0TAQH/BAIwADArBgNVHSMEJDAigCC3kggkr6T1DbleI1RYGrdGGEGlO/ZMA4YG 12 | Q2nwm6WaTzAKBggqhkjOPQQDAgNIADBFAiEAtnaurkYxwbW04a+pr70JfuU/Gfy7 13 | 7aVP7QEBJLK0ASoCIHCYJeh5CDzP8Y/3Xsqe+7BZkFx2VbmuvV7eSkYea8XW 14 | -----END CERTIFICATE----- 15 | -------------------------------------------------------------------------------- /examples/dev/crypto/crypto-config/ordererOrganizations/orderers.svc.cluster.local/msp/cacerts/ca.orderers.svc.cluster.local-cert.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIICbTCCAhSgAwIBAgIRANaurOkJgyWjBbz1eBGsiuAwCgYIKoZIzj0EAwIwgYcx 3 | CzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQHEw1TYW4g 4 | RnJhbmNpc2NvMSMwIQYDVQQKExpvcmRlcmVycy5zdmMuY2x1c3Rlci5sb2NhbDEm 5 | MCQGA1UEAxMdY2Eub3JkZXJlcnMuc3ZjLmNsdXN0ZXIubG9jYWwwHhcNMTkwMTIz 6 | MTExNzAwWhcNMjkwMTIwMTExNzAwWjCBhzELMAkGA1UEBhMCVVMxEzARBgNVBAgT 7 | CkNhbGlmb3JuaWExFjAUBgNVBAcTDVNhbiBGcmFuY2lzY28xIzAhBgNVBAoTGm9y 8 | ZGVyZXJzLnN2Yy5jbHVzdGVyLmxvY2FsMSYwJAYDVQQDEx1jYS5vcmRlcmVycy5z 9 | dmMuY2x1c3Rlci5sb2NhbDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABJ3kFDrF 10 | J72Bff7x0X3qhX1Bib4h6pMGs7r1RyTMH3nMPziYDWk68G5+cxkb/7qomKK6NTgz 11 | fR6G4Y1+nUGag6KjXzBdMA4GA1UdDwEB/wQEAwIBpjAPBgNVHSUECDAGBgRVHSUA 12 | MA8GA1UdEwEB/wQFMAMBAf8wKQYDVR0OBCIEILeSCCSvpPUNuV4jVFgat0YYQaU7 13 | 9kwDhgZDafCbpZpPMAoGCCqGSM49BAMCA0cAMEQCIEL/w4/WezPRkzQ3XNmMMgBI 14 | oh1/c1aZwnz8qooV/YtLAiBtPpTKCdeF8Ifu+Za5mPahHX1GBTovQzYV83TbAjaK 15 | Ag== 16 | -----END CERTIFICATE----- 17 | -------------------------------------------------------------------------------- /examples/dev/crypto/crypto-config/ordererOrganizations/orderers.svc.cluster.local/msp/tlscacerts/tlsca.orderers.svc.cluster.local-cert.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIICcjCCAhmgAwIBAgIQJUdAQEShXpjGPgz9pW2eRTAKBggqhkjOPQQDAjCBijEL 3 | MAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDVNhbiBG 4 | cmFuY2lzY28xIzAhBgNVBAoTGm9yZGVyZXJzLnN2Yy5jbHVzdGVyLmxvY2FsMSkw 5 | JwYDVQQDEyB0bHNjYS5vcmRlcmVycy5zdmMuY2x1c3Rlci5sb2NhbDAeFw0xOTAx 6 | MjMxMTE3MDBaFw0yOTAxMjAxMTE3MDBaMIGKMQswCQYDVQQGEwJVUzETMBEGA1UE 7 | CBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNU2FuIEZyYW5jaXNjbzEjMCEGA1UEChMa 8 | b3JkZXJlcnMuc3ZjLmNsdXN0ZXIubG9jYWwxKTAnBgNVBAMTIHRsc2NhLm9yZGVy 9 | ZXJzLnN2Yy5jbHVzdGVyLmxvY2FsMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE 10 | Fm2Aq2fjv7pFPegZhkzEviFB9Q/GZjOR2YVisD3vxhmMX7sJYrAUTOTrW0ZeGb4C 11 | yzJ2qfsZKtrRo8ZNioQwUKNfMF0wDgYDVR0PAQH/BAQDAgGmMA8GA1UdJQQIMAYG 12 | BFUdJQAwDwYDVR0TAQH/BAUwAwEB/zApBgNVHQ4EIgQgQWbaF/ZxJ1aJbmHbpJmB 13 | Tl9AzvcEIB31Yo2O8Kjp0vYwCgYIKoZIzj0EAwIDRwAwRAIgaPGwy27E+VOKSYgc 14 | vsnm8DVbfvk2pLCmKGTBPIhqEH4CIFnd83lhj80TgGIaJ0+0ysOdld6nEc9ujOBn 15 | 9ENIFo+h 16 | -----END CERTIFICATE----- 17 | -------------------------------------------------------------------------------- /examples/dev/crypto/crypto-config/ordererOrganizations/orderers.svc.cluster.local/orderers/ord1-hlf-ord.orderers.svc.cluster.local/msp/admincerts/Admin@orderers.svc.cluster.local-cert.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIICOTCCAd+gAwIBAgIRANVWKs/YCJUfyQH4hC5QCBcwCgYIKoZIzj0EAwIwgYcx 3 | CzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQHEw1TYW4g 4 | RnJhbmNpc2NvMSMwIQYDVQQKExpvcmRlcmVycy5zdmMuY2x1c3Rlci5sb2NhbDEm 5 | MCQGA1UEAxMdY2Eub3JkZXJlcnMuc3ZjLmNsdXN0ZXIubG9jYWwwHhcNMTkwMTIz 6 | MTExNzAwWhcNMjkwMTIwMTExNzAwWjBlMQswCQYDVQQGEwJVUzETMBEGA1UECBMK 7 | Q2FsaWZvcm5pYTEWMBQGA1UEBxMNU2FuIEZyYW5jaXNjbzEpMCcGA1UEAwwgQWRt 8 | aW5Ab3JkZXJlcnMuc3ZjLmNsdXN0ZXIubG9jYWwwWTATBgcqhkjOPQIBBggqhkjO 9 | PQMBBwNCAAQnRl9U0lk2/3lxNaaP6oroVun4g323ndXzYtvLMDGsNODjLu32Te4r 10 | ocK+c5uXap+dqSYkNjNhL9ga7+sVa9kto00wSzAOBgNVHQ8BAf8EBAMCB4AwDAYD 11 | VR0TAQH/BAIwADArBgNVHSMEJDAigCC3kggkr6T1DbleI1RYGrdGGEGlO/ZMA4YG 12 | Q2nwm6WaTzAKBggqhkjOPQQDAgNIADBFAiEAtnaurkYxwbW04a+pr70JfuU/Gfy7 13 | 7aVP7QEBJLK0ASoCIHCYJeh5CDzP8Y/3Xsqe+7BZkFx2VbmuvV7eSkYea8XW 14 | -----END CERTIFICATE----- 15 | -------------------------------------------------------------------------------- /examples/dev/crypto/crypto-config/ordererOrganizations/orderers.svc.cluster.local/orderers/ord1-hlf-ord.orderers.svc.cluster.local/msp/cacerts/ca.orderers.svc.cluster.local-cert.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIICbTCCAhSgAwIBAgIRANaurOkJgyWjBbz1eBGsiuAwCgYIKoZIzj0EAwIwgYcx 3 | CzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQHEw1TYW4g 4 | RnJhbmNpc2NvMSMwIQYDVQQKExpvcmRlcmVycy5zdmMuY2x1c3Rlci5sb2NhbDEm 5 | MCQGA1UEAxMdY2Eub3JkZXJlcnMuc3ZjLmNsdXN0ZXIubG9jYWwwHhcNMTkwMTIz 6 | MTExNzAwWhcNMjkwMTIwMTExNzAwWjCBhzELMAkGA1UEBhMCVVMxEzARBgNVBAgT 7 | CkNhbGlmb3JuaWExFjAUBgNVBAcTDVNhbiBGcmFuY2lzY28xIzAhBgNVBAoTGm9y 8 | ZGVyZXJzLnN2Yy5jbHVzdGVyLmxvY2FsMSYwJAYDVQQDEx1jYS5vcmRlcmVycy5z 9 | dmMuY2x1c3Rlci5sb2NhbDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABJ3kFDrF 10 | J72Bff7x0X3qhX1Bib4h6pMGs7r1RyTMH3nMPziYDWk68G5+cxkb/7qomKK6NTgz 11 | fR6G4Y1+nUGag6KjXzBdMA4GA1UdDwEB/wQEAwIBpjAPBgNVHSUECDAGBgRVHSUA 12 | MA8GA1UdEwEB/wQFMAMBAf8wKQYDVR0OBCIEILeSCCSvpPUNuV4jVFgat0YYQaU7 13 | 9kwDhgZDafCbpZpPMAoGCCqGSM49BAMCA0cAMEQCIEL/w4/WezPRkzQ3XNmMMgBI 14 | oh1/c1aZwnz8qooV/YtLAiBtPpTKCdeF8Ifu+Za5mPahHX1GBTovQzYV83TbAjaK 15 | Ag== 16 | -----END CERTIFICATE----- 17 | -------------------------------------------------------------------------------- /examples/dev/crypto/crypto-config/ordererOrganizations/orderers.svc.cluster.local/orderers/ord1-hlf-ord.orderers.svc.cluster.local/msp/keystore/d5d80631395671460ab46531aa7e62c0cf87869b272a8f474d1be0ecf4989290_sk: -------------------------------------------------------------------------------- 1 | -----BEGIN PRIVATE KEY----- 2 | MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgKcM6MjoOT1y6N84x 3 | vhQZJg4e/HSeJ6n4ZsgblOijyRyhRANCAATGOYP7O6dmF3HY6t8ifSwe+o3xvLwe 4 | LkUFbKvSnZ8KJIXWlfvwPUBXytoM3QNpwn4cDhCLA0tl2anyTeTv2FMt 5 | -----END PRIVATE KEY----- 6 | -------------------------------------------------------------------------------- /examples/dev/crypto/crypto-config/ordererOrganizations/orderers.svc.cluster.local/orderers/ord1-hlf-ord.orderers.svc.cluster.local/msp/signcerts/ord1-hlf-ord.orderers.svc.cluster.local-cert.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIICPzCCAeagAwIBAgIRAIPQkY6KbTOCB/KxtAOGWRgwCgYIKoZIzj0EAwIwgYcx 3 | CzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQHEw1TYW4g 4 | RnJhbmNpc2NvMSMwIQYDVQQKExpvcmRlcmVycy5zdmMuY2x1c3Rlci5sb2NhbDEm 5 | MCQGA1UEAxMdY2Eub3JkZXJlcnMuc3ZjLmNsdXN0ZXIubG9jYWwwHhcNMTkwMTIz 6 | MTExNzAwWhcNMjkwMTIwMTExNzAwWjBsMQswCQYDVQQGEwJVUzETMBEGA1UECBMK 7 | Q2FsaWZvcm5pYTEWMBQGA1UEBxMNU2FuIEZyYW5jaXNjbzEwMC4GA1UEAxMnb3Jk 8 | MS1obGYtb3JkLm9yZGVyZXJzLnN2Yy5jbHVzdGVyLmxvY2FsMFkwEwYHKoZIzj0C 9 | AQYIKoZIzj0DAQcDQgAExjmD+zunZhdx2OrfIn0sHvqN8by8Hi5FBWyr0p2fCiSF 10 | 1pX78D1AV8raDN0DacJ+HA4QiwNLZdmp8k3k79hTLaNNMEswDgYDVR0PAQH/BAQD 11 | AgeAMAwGA1UdEwEB/wQCMAAwKwYDVR0jBCQwIoAgt5IIJK+k9Q25XiNUWBq3RhhB 12 | pTv2TAOGBkNp8Julmk8wCgYIKoZIzj0EAwIDRwAwRAIgJxbloYGEYyP4np3+M3pr 13 | m9AM3vXdOa4k6AR/qROpbwkCIArYQf8RcqdOcs+yYICaWq0Rfcb1s7d1zOG/39RK 14 | kLcx 15 | -----END CERTIFICATE----- 16 | -------------------------------------------------------------------------------- /examples/dev/crypto/crypto-config/ordererOrganizations/orderers.svc.cluster.local/orderers/ord1-hlf-ord.orderers.svc.cluster.local/msp/tlscacerts/tlsca.orderers.svc.cluster.local-cert.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIICcjCCAhmgAwIBAgIQJUdAQEShXpjGPgz9pW2eRTAKBggqhkjOPQQDAjCBijEL 3 | MAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDVNhbiBG 4 | cmFuY2lzY28xIzAhBgNVBAoTGm9yZGVyZXJzLnN2Yy5jbHVzdGVyLmxvY2FsMSkw 5 | JwYDVQQDEyB0bHNjYS5vcmRlcmVycy5zdmMuY2x1c3Rlci5sb2NhbDAeFw0xOTAx 6 | MjMxMTE3MDBaFw0yOTAxMjAxMTE3MDBaMIGKMQswCQYDVQQGEwJVUzETMBEGA1UE 7 | CBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNU2FuIEZyYW5jaXNjbzEjMCEGA1UEChMa 8 | b3JkZXJlcnMuc3ZjLmNsdXN0ZXIubG9jYWwxKTAnBgNVBAMTIHRsc2NhLm9yZGVy 9 | ZXJzLnN2Yy5jbHVzdGVyLmxvY2FsMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE 10 | Fm2Aq2fjv7pFPegZhkzEviFB9Q/GZjOR2YVisD3vxhmMX7sJYrAUTOTrW0ZeGb4C 11 | yzJ2qfsZKtrRo8ZNioQwUKNfMF0wDgYDVR0PAQH/BAQDAgGmMA8GA1UdJQQIMAYG 12 | BFUdJQAwDwYDVR0TAQH/BAUwAwEB/zApBgNVHQ4EIgQgQWbaF/ZxJ1aJbmHbpJmB 13 | Tl9AzvcEIB31Yo2O8Kjp0vYwCgYIKoZIzj0EAwIDRwAwRAIgaPGwy27E+VOKSYgc 14 | vsnm8DVbfvk2pLCmKGTBPIhqEH4CIFnd83lhj80TgGIaJ0+0ysOdld6nEc9ujOBn 15 | 9ENIFo+h 16 | -----END CERTIFICATE----- 17 | -------------------------------------------------------------------------------- /examples/dev/crypto/crypto-config/ordererOrganizations/orderers.svc.cluster.local/orderers/ord1-hlf-ord.orderers.svc.cluster.local/tls/ca.crt: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIICcjCCAhmgAwIBAgIQJUdAQEShXpjGPgz9pW2eRTAKBggqhkjOPQQDAjCBijEL 3 | MAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDVNhbiBG 4 | cmFuY2lzY28xIzAhBgNVBAoTGm9yZGVyZXJzLnN2Yy5jbHVzdGVyLmxvY2FsMSkw 5 | JwYDVQQDEyB0bHNjYS5vcmRlcmVycy5zdmMuY2x1c3Rlci5sb2NhbDAeFw0xOTAx 6 | MjMxMTE3MDBaFw0yOTAxMjAxMTE3MDBaMIGKMQswCQYDVQQGEwJVUzETMBEGA1UE 7 | CBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNU2FuIEZyYW5jaXNjbzEjMCEGA1UEChMa 8 | b3JkZXJlcnMuc3ZjLmNsdXN0ZXIubG9jYWwxKTAnBgNVBAMTIHRsc2NhLm9yZGVy 9 | ZXJzLnN2Yy5jbHVzdGVyLmxvY2FsMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE 10 | Fm2Aq2fjv7pFPegZhkzEviFB9Q/GZjOR2YVisD3vxhmMX7sJYrAUTOTrW0ZeGb4C 11 | yzJ2qfsZKtrRo8ZNioQwUKNfMF0wDgYDVR0PAQH/BAQDAgGmMA8GA1UdJQQIMAYG 12 | BFUdJQAwDwYDVR0TAQH/BAUwAwEB/zApBgNVHQ4EIgQgQWbaF/ZxJ1aJbmHbpJmB 13 | Tl9AzvcEIB31Yo2O8Kjp0vYwCgYIKoZIzj0EAwIDRwAwRAIgaPGwy27E+VOKSYgc 14 | vsnm8DVbfvk2pLCmKGTBPIhqEH4CIFnd83lhj80TgGIaJ0+0ysOdld6nEc9ujOBn 15 | 9ENIFo+h 16 | -----END CERTIFICATE----- 17 | -------------------------------------------------------------------------------- /examples/dev/crypto/crypto-config/ordererOrganizations/orderers.svc.cluster.local/orderers/ord1-hlf-ord.orderers.svc.cluster.local/tls/server.crt: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIICpDCCAkugAwIBAgIQDTLkK8UVqdf51e2sZyD6bjAKBggqhkjOPQQDAjCBijEL 3 | MAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDVNhbiBG 4 | cmFuY2lzY28xIzAhBgNVBAoTGm9yZGVyZXJzLnN2Yy5jbHVzdGVyLmxvY2FsMSkw 5 | JwYDVQQDEyB0bHNjYS5vcmRlcmVycy5zdmMuY2x1c3Rlci5sb2NhbDAeFw0xOTAx 6 | MjMxMTE3MDBaFw0yOTAxMjAxMTE3MDBaMGwxCzAJBgNVBAYTAlVTMRMwEQYDVQQI 7 | EwpDYWxpZm9ybmlhMRYwFAYDVQQHEw1TYW4gRnJhbmNpc2NvMTAwLgYDVQQDEydv 8 | cmQxLWhsZi1vcmQub3JkZXJlcnMuc3ZjLmNsdXN0ZXIubG9jYWwwWTATBgcqhkjO 9 | PQIBBggqhkjOPQMBBwNCAAS4FbXbTR+JcklaGzvSUUAVk/wGJiUFwm9sHHndLkIz 10 | JiFyusDNJ+mdvuT5sKEC6iAeZHbOmGhLkDSvPuz9yoqzo4GvMIGsMA4GA1UdDwEB 11 | /wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/ 12 | BAIwADArBgNVHSMEJDAigCBBZtoX9nEnVoluYdukmYFOX0DO9wQgHfVijY7wqOnS 13 | 9jBABgNVHREEOTA3gidvcmQxLWhsZi1vcmQub3JkZXJlcnMuc3ZjLmNsdXN0ZXIu 14 | bG9jYWyCDG9yZDEtaGxmLW9yZDAKBggqhkjOPQQDAgNHADBEAiAF3i+N6ac/jYOE 15 | SrMsHef/4WOrmNyNKsF4vyKiHjtJaQIgUc7h5hYjjxmbmqHnXlHdOB9a5fLfjY/D 16 | 0Xb0KXU6vBo= 17 | -----END CERTIFICATE----- 18 | -------------------------------------------------------------------------------- /examples/dev/crypto/crypto-config/ordererOrganizations/orderers.svc.cluster.local/orderers/ord1-hlf-ord.orderers.svc.cluster.local/tls/server.key: -------------------------------------------------------------------------------- 1 | -----BEGIN PRIVATE KEY----- 2 | MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgWANrLoS5mVMzgjJ7 3 | EPWJ8dy3dgJrEcuOgMDwwvaRxT6hRANCAAS4FbXbTR+JcklaGzvSUUAVk/wGJiUF 4 | wm9sHHndLkIzJiFyusDNJ+mdvuT5sKEC6iAeZHbOmGhLkDSvPuz9yoqz 5 | -----END PRIVATE KEY----- 6 | -------------------------------------------------------------------------------- /examples/dev/crypto/crypto-config/ordererOrganizations/orderers.svc.cluster.local/tlsca/4166da17f6712756896e61dba499814e5f40cef704201df5628d8ef0a8e9d2f6_sk: -------------------------------------------------------------------------------- 1 | -----BEGIN PRIVATE KEY----- 2 | MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgWdKYw/OZYnZp/wFe 3 | rMxryTv0UUI4sQi7PC2XjbYkApahRANCAAQWbYCrZ+O/ukU96BmGTMS+IUH1D8Zm 4 | M5HZhWKwPe/GGYxfuwlisBRM5OtbRl4ZvgLLMnap+xkq2tGjxk2KhDBQ 5 | -----END PRIVATE KEY----- 6 | -------------------------------------------------------------------------------- /examples/dev/crypto/crypto-config/ordererOrganizations/orderers.svc.cluster.local/tlsca/tlsca.orderers.svc.cluster.local-cert.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIICcjCCAhmgAwIBAgIQJUdAQEShXpjGPgz9pW2eRTAKBggqhkjOPQQDAjCBijEL 3 | MAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDVNhbiBG 4 | cmFuY2lzY28xIzAhBgNVBAoTGm9yZGVyZXJzLnN2Yy5jbHVzdGVyLmxvY2FsMSkw 5 | JwYDVQQDEyB0bHNjYS5vcmRlcmVycy5zdmMuY2x1c3Rlci5sb2NhbDAeFw0xOTAx 6 | MjMxMTE3MDBaFw0yOTAxMjAxMTE3MDBaMIGKMQswCQYDVQQGEwJVUzETMBEGA1UE 7 | CBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNU2FuIEZyYW5jaXNjbzEjMCEGA1UEChMa 8 | b3JkZXJlcnMuc3ZjLmNsdXN0ZXIubG9jYWwxKTAnBgNVBAMTIHRsc2NhLm9yZGVy 9 | ZXJzLnN2Yy5jbHVzdGVyLmxvY2FsMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE 10 | Fm2Aq2fjv7pFPegZhkzEviFB9Q/GZjOR2YVisD3vxhmMX7sJYrAUTOTrW0ZeGb4C 11 | yzJ2qfsZKtrRo8ZNioQwUKNfMF0wDgYDVR0PAQH/BAQDAgGmMA8GA1UdJQQIMAYG 12 | BFUdJQAwDwYDVR0TAQH/BAUwAwEB/zApBgNVHQ4EIgQgQWbaF/ZxJ1aJbmHbpJmB 13 | Tl9AzvcEIB31Yo2O8Kjp0vYwCgYIKoZIzj0EAwIDRwAwRAIgaPGwy27E+VOKSYgc 14 | vsnm8DVbfvk2pLCmKGTBPIhqEH4CIFnd83lhj80TgGIaJ0+0ysOdld6nEc9ujOBn 15 | 9ENIFo+h 16 | -----END CERTIFICATE----- 17 | -------------------------------------------------------------------------------- /examples/dev/crypto/crypto-config/ordererOrganizations/orderers.svc.cluster.local/users/Admin@orderers.svc.cluster.local/msp/admincerts/Admin@orderers.svc.cluster.local-cert.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIICOTCCAd+gAwIBAgIRANVWKs/YCJUfyQH4hC5QCBcwCgYIKoZIzj0EAwIwgYcx 3 | CzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQHEw1TYW4g 4 | RnJhbmNpc2NvMSMwIQYDVQQKExpvcmRlcmVycy5zdmMuY2x1c3Rlci5sb2NhbDEm 5 | MCQGA1UEAxMdY2Eub3JkZXJlcnMuc3ZjLmNsdXN0ZXIubG9jYWwwHhcNMTkwMTIz 6 | MTExNzAwWhcNMjkwMTIwMTExNzAwWjBlMQswCQYDVQQGEwJVUzETMBEGA1UECBMK 7 | Q2FsaWZvcm5pYTEWMBQGA1UEBxMNU2FuIEZyYW5jaXNjbzEpMCcGA1UEAwwgQWRt 8 | aW5Ab3JkZXJlcnMuc3ZjLmNsdXN0ZXIubG9jYWwwWTATBgcqhkjOPQIBBggqhkjO 9 | PQMBBwNCAAQnRl9U0lk2/3lxNaaP6oroVun4g323ndXzYtvLMDGsNODjLu32Te4r 10 | ocK+c5uXap+dqSYkNjNhL9ga7+sVa9kto00wSzAOBgNVHQ8BAf8EBAMCB4AwDAYD 11 | VR0TAQH/BAIwADArBgNVHSMEJDAigCC3kggkr6T1DbleI1RYGrdGGEGlO/ZMA4YG 12 | Q2nwm6WaTzAKBggqhkjOPQQDAgNIADBFAiEAtnaurkYxwbW04a+pr70JfuU/Gfy7 13 | 7aVP7QEBJLK0ASoCIHCYJeh5CDzP8Y/3Xsqe+7BZkFx2VbmuvV7eSkYea8XW 14 | -----END CERTIFICATE----- 15 | -------------------------------------------------------------------------------- /examples/dev/crypto/crypto-config/ordererOrganizations/orderers.svc.cluster.local/users/Admin@orderers.svc.cluster.local/msp/cacerts/ca.orderers.svc.cluster.local-cert.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIICbTCCAhSgAwIBAgIRANaurOkJgyWjBbz1eBGsiuAwCgYIKoZIzj0EAwIwgYcx 3 | CzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQHEw1TYW4g 4 | RnJhbmNpc2NvMSMwIQYDVQQKExpvcmRlcmVycy5zdmMuY2x1c3Rlci5sb2NhbDEm 5 | MCQGA1UEAxMdY2Eub3JkZXJlcnMuc3ZjLmNsdXN0ZXIubG9jYWwwHhcNMTkwMTIz 6 | MTExNzAwWhcNMjkwMTIwMTExNzAwWjCBhzELMAkGA1UEBhMCVVMxEzARBgNVBAgT 7 | CkNhbGlmb3JuaWExFjAUBgNVBAcTDVNhbiBGcmFuY2lzY28xIzAhBgNVBAoTGm9y 8 | ZGVyZXJzLnN2Yy5jbHVzdGVyLmxvY2FsMSYwJAYDVQQDEx1jYS5vcmRlcmVycy5z 9 | dmMuY2x1c3Rlci5sb2NhbDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABJ3kFDrF 10 | J72Bff7x0X3qhX1Bib4h6pMGs7r1RyTMH3nMPziYDWk68G5+cxkb/7qomKK6NTgz 11 | fR6G4Y1+nUGag6KjXzBdMA4GA1UdDwEB/wQEAwIBpjAPBgNVHSUECDAGBgRVHSUA 12 | MA8GA1UdEwEB/wQFMAMBAf8wKQYDVR0OBCIEILeSCCSvpPUNuV4jVFgat0YYQaU7 13 | 9kwDhgZDafCbpZpPMAoGCCqGSM49BAMCA0cAMEQCIEL/w4/WezPRkzQ3XNmMMgBI 14 | oh1/c1aZwnz8qooV/YtLAiBtPpTKCdeF8Ifu+Za5mPahHX1GBTovQzYV83TbAjaK 15 | Ag== 16 | -----END CERTIFICATE----- 17 | -------------------------------------------------------------------------------- /examples/dev/crypto/crypto-config/ordererOrganizations/orderers.svc.cluster.local/users/Admin@orderers.svc.cluster.local/msp/keystore/003e189a7fc4c454f1b6dab08c2f313c98d13b40388b04acd348b8aba5a2cc35_sk: -------------------------------------------------------------------------------- 1 | -----BEGIN PRIVATE KEY----- 2 | MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgTDJncmEgKUGM/DXb 3 | bilI7jWR3IMmkxbsFEPsrdr2HsShRANCAAQnRl9U0lk2/3lxNaaP6oroVun4g323 4 | ndXzYtvLMDGsNODjLu32Te4rocK+c5uXap+dqSYkNjNhL9ga7+sVa9kt 5 | -----END PRIVATE KEY----- 6 | -------------------------------------------------------------------------------- /examples/dev/crypto/crypto-config/ordererOrganizations/orderers.svc.cluster.local/users/Admin@orderers.svc.cluster.local/msp/signcerts/Admin@orderers.svc.cluster.local-cert.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIICOTCCAd+gAwIBAgIRANVWKs/YCJUfyQH4hC5QCBcwCgYIKoZIzj0EAwIwgYcx 3 | CzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQHEw1TYW4g 4 | RnJhbmNpc2NvMSMwIQYDVQQKExpvcmRlcmVycy5zdmMuY2x1c3Rlci5sb2NhbDEm 5 | MCQGA1UEAxMdY2Eub3JkZXJlcnMuc3ZjLmNsdXN0ZXIubG9jYWwwHhcNMTkwMTIz 6 | MTExNzAwWhcNMjkwMTIwMTExNzAwWjBlMQswCQYDVQQGEwJVUzETMBEGA1UECBMK 7 | Q2FsaWZvcm5pYTEWMBQGA1UEBxMNU2FuIEZyYW5jaXNjbzEpMCcGA1UEAwwgQWRt 8 | aW5Ab3JkZXJlcnMuc3ZjLmNsdXN0ZXIubG9jYWwwWTATBgcqhkjOPQIBBggqhkjO 9 | PQMBBwNCAAQnRl9U0lk2/3lxNaaP6oroVun4g323ndXzYtvLMDGsNODjLu32Te4r 10 | ocK+c5uXap+dqSYkNjNhL9ga7+sVa9kto00wSzAOBgNVHQ8BAf8EBAMCB4AwDAYD 11 | VR0TAQH/BAIwADArBgNVHSMEJDAigCC3kggkr6T1DbleI1RYGrdGGEGlO/ZMA4YG 12 | Q2nwm6WaTzAKBggqhkjOPQQDAgNIADBFAiEAtnaurkYxwbW04a+pr70JfuU/Gfy7 13 | 7aVP7QEBJLK0ASoCIHCYJeh5CDzP8Y/3Xsqe+7BZkFx2VbmuvV7eSkYea8XW 14 | -----END CERTIFICATE----- 15 | -------------------------------------------------------------------------------- /examples/dev/crypto/crypto-config/ordererOrganizations/orderers.svc.cluster.local/users/Admin@orderers.svc.cluster.local/msp/tlscacerts/tlsca.orderers.svc.cluster.local-cert.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIICcjCCAhmgAwIBAgIQJUdAQEShXpjGPgz9pW2eRTAKBggqhkjOPQQDAjCBijEL 3 | MAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDVNhbiBG 4 | cmFuY2lzY28xIzAhBgNVBAoTGm9yZGVyZXJzLnN2Yy5jbHVzdGVyLmxvY2FsMSkw 5 | JwYDVQQDEyB0bHNjYS5vcmRlcmVycy5zdmMuY2x1c3Rlci5sb2NhbDAeFw0xOTAx 6 | MjMxMTE3MDBaFw0yOTAxMjAxMTE3MDBaMIGKMQswCQYDVQQGEwJVUzETMBEGA1UE 7 | CBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNU2FuIEZyYW5jaXNjbzEjMCEGA1UEChMa 8 | b3JkZXJlcnMuc3ZjLmNsdXN0ZXIubG9jYWwxKTAnBgNVBAMTIHRsc2NhLm9yZGVy 9 | ZXJzLnN2Yy5jbHVzdGVyLmxvY2FsMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE 10 | Fm2Aq2fjv7pFPegZhkzEviFB9Q/GZjOR2YVisD3vxhmMX7sJYrAUTOTrW0ZeGb4C 11 | yzJ2qfsZKtrRo8ZNioQwUKNfMF0wDgYDVR0PAQH/BAQDAgGmMA8GA1UdJQQIMAYG 12 | BFUdJQAwDwYDVR0TAQH/BAUwAwEB/zApBgNVHQ4EIgQgQWbaF/ZxJ1aJbmHbpJmB 13 | Tl9AzvcEIB31Yo2O8Kjp0vYwCgYIKoZIzj0EAwIDRwAwRAIgaPGwy27E+VOKSYgc 14 | vsnm8DVbfvk2pLCmKGTBPIhqEH4CIFnd83lhj80TgGIaJ0+0ysOdld6nEc9ujOBn 15 | 9ENIFo+h 16 | -----END CERTIFICATE----- 17 | -------------------------------------------------------------------------------- /examples/dev/crypto/crypto-config/ordererOrganizations/orderers.svc.cluster.local/users/Admin@orderers.svc.cluster.local/tls/ca.crt: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIICcjCCAhmgAwIBAgIQJUdAQEShXpjGPgz9pW2eRTAKBggqhkjOPQQDAjCBijEL 3 | MAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDVNhbiBG 4 | cmFuY2lzY28xIzAhBgNVBAoTGm9yZGVyZXJzLnN2Yy5jbHVzdGVyLmxvY2FsMSkw 5 | JwYDVQQDEyB0bHNjYS5vcmRlcmVycy5zdmMuY2x1c3Rlci5sb2NhbDAeFw0xOTAx 6 | MjMxMTE3MDBaFw0yOTAxMjAxMTE3MDBaMIGKMQswCQYDVQQGEwJVUzETMBEGA1UE 7 | CBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNU2FuIEZyYW5jaXNjbzEjMCEGA1UEChMa 8 | b3JkZXJlcnMuc3ZjLmNsdXN0ZXIubG9jYWwxKTAnBgNVBAMTIHRsc2NhLm9yZGVy 9 | ZXJzLnN2Yy5jbHVzdGVyLmxvY2FsMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE 10 | Fm2Aq2fjv7pFPegZhkzEviFB9Q/GZjOR2YVisD3vxhmMX7sJYrAUTOTrW0ZeGb4C 11 | yzJ2qfsZKtrRo8ZNioQwUKNfMF0wDgYDVR0PAQH/BAQDAgGmMA8GA1UdJQQIMAYG 12 | BFUdJQAwDwYDVR0TAQH/BAUwAwEB/zApBgNVHQ4EIgQgQWbaF/ZxJ1aJbmHbpJmB 13 | Tl9AzvcEIB31Yo2O8Kjp0vYwCgYIKoZIzj0EAwIDRwAwRAIgaPGwy27E+VOKSYgc 14 | vsnm8DVbfvk2pLCmKGTBPIhqEH4CIFnd83lhj80TgGIaJ0+0ysOdld6nEc9ujOBn 15 | 9ENIFo+h 16 | -----END CERTIFICATE----- 17 | -------------------------------------------------------------------------------- /examples/dev/crypto/crypto-config/ordererOrganizations/orderers.svc.cluster.local/users/Admin@orderers.svc.cluster.local/tls/client.crt: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIICWjCCAgCgAwIBAgIQXS0+fhedW2buH0kNxfBZGzAKBggqhkjOPQQDAjCBijEL 3 | MAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDVNhbiBG 4 | cmFuY2lzY28xIzAhBgNVBAoTGm9yZGVyZXJzLnN2Yy5jbHVzdGVyLmxvY2FsMSkw 5 | JwYDVQQDEyB0bHNjYS5vcmRlcmVycy5zdmMuY2x1c3Rlci5sb2NhbDAeFw0xOTAx 6 | MjMxMTE3MDBaFw0yOTAxMjAxMTE3MDBaMGUxCzAJBgNVBAYTAlVTMRMwEQYDVQQI 7 | EwpDYWxpZm9ybmlhMRYwFAYDVQQHEw1TYW4gRnJhbmNpc2NvMSkwJwYDVQQDDCBB 8 | ZG1pbkBvcmRlcmVycy5zdmMuY2x1c3Rlci5sb2NhbDBZMBMGByqGSM49AgEGCCqG 9 | SM49AwEHA0IABBt0H5pawrGzTY7XKuo2zVRfx/AzWVm2j3JTsjh+ap78GaGSfQ0n 10 | IRfE/iqO0Tqdc9b4kpV/hex62HOEXth8jSajbDBqMA4GA1UdDwEB/wQEAwIFoDAd 11 | BgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADArBgNV 12 | HSMEJDAigCBBZtoX9nEnVoluYdukmYFOX0DO9wQgHfVijY7wqOnS9jAKBggqhkjO 13 | PQQDAgNIADBFAiEAyWcLjSenZMA7MBiaXsnXNqHN3hsq3q4FCZgkF2O9ugcCIAtu 14 | eiye3HcdL5huA7yLXlnQutbcoDlxJkZYEZ/8/BNl 15 | -----END CERTIFICATE----- 16 | -------------------------------------------------------------------------------- /examples/dev/crypto/crypto-config/ordererOrganizations/orderers.svc.cluster.local/users/Admin@orderers.svc.cluster.local/tls/client.key: -------------------------------------------------------------------------------- 1 | -----BEGIN PRIVATE KEY----- 2 | MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgeR9Mm8Omz5vfJKDo 3 | N4AtQYG0RSK6oYHKnYm9+NIc732hRANCAAQbdB+aWsKxs02O1yrqNs1UX8fwM1lZ 4 | to9yU7I4fmqe/Bmhkn0NJyEXxP4qjtE6nXPW+JKVf4XsethzhF7YfI0m 5 | -----END PRIVATE KEY----- 6 | -------------------------------------------------------------------------------- /examples/dev/crypto/crypto-config/peerOrganizations/peers.svc.cluster.local/ca/512fad948caabae208f8005155af9782b8945ef3fef219ada5c9d08b1923f399_sk: -------------------------------------------------------------------------------- 1 | -----BEGIN PRIVATE KEY----- 2 | MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQg0Lyfk5TCanAtp/ZE 3 | pupZkWXtRbZkLGSItnVtfp91UIihRANCAASnEf6Y5+KOtWHzfH2Zl38/vnfLQB/s 4 | QElkv0WeUgTTaBm2sgYQk26xgT/rtRMw8x94ciibY/XG+47Yl0CGmnmk 5 | -----END PRIVATE KEY----- 6 | -------------------------------------------------------------------------------- /examples/dev/crypto/crypto-config/peerOrganizations/peers.svc.cluster.local/ca/ca.peers.svc.cluster.local-cert.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIICYDCCAgegAwIBAgIQcTe1EYdM1q0orap/rIAvYzAKBggqhkjOPQQDAjCBgTEL 3 | MAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDVNhbiBG 4 | cmFuY2lzY28xIDAeBgNVBAoTF3BlZXJzLnN2Yy5jbHVzdGVyLmxvY2FsMSMwIQYD 5 | VQQDExpjYS5wZWVycy5zdmMuY2x1c3Rlci5sb2NhbDAeFw0xOTAxMjMxMTE3MDBa 6 | Fw0yOTAxMjAxMTE3MDBaMIGBMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZv 7 | cm5pYTEWMBQGA1UEBxMNU2FuIEZyYW5jaXNjbzEgMB4GA1UEChMXcGVlcnMuc3Zj 8 | LmNsdXN0ZXIubG9jYWwxIzAhBgNVBAMTGmNhLnBlZXJzLnN2Yy5jbHVzdGVyLmxv 9 | Y2FsMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEpxH+mOfijrVh83x9mZd/P753 10 | y0Af7EBJZL9FnlIE02gZtrIGEJNusYE/67UTMPMfeHIom2P1xvuO2JdAhpp5pKNf 11 | MF0wDgYDVR0PAQH/BAQDAgGmMA8GA1UdJQQIMAYGBFUdJQAwDwYDVR0TAQH/BAUw 12 | AwEB/zApBgNVHQ4EIgQgUS+tlIyquuII+ABRVa+XgriUXvP+8hmtpcnQixkj85kw 13 | CgYIKoZIzj0EAwIDRwAwRAIgEdzfE9RP89kwj02sI0R8uFvu5CYGF+3ZWT8YxqsF 14 | YQUCIGflGgoKaXog08w6Z+qWYc3EL+8rn4CUk45N7CKha4p1 15 | -----END CERTIFICATE----- 16 | -------------------------------------------------------------------------------- /examples/dev/crypto/crypto-config/peerOrganizations/peers.svc.cluster.local/msp/admincerts/Admin@peers.svc.cluster.local-cert.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIICLzCCAdagAwIBAgIRAInmTie+VKkdlJMM+jI1lPAwCgYIKoZIzj0EAwIwgYEx 3 | CzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQHEw1TYW4g 4 | RnJhbmNpc2NvMSAwHgYDVQQKExdwZWVycy5zdmMuY2x1c3Rlci5sb2NhbDEjMCEG 5 | A1UEAxMaY2EucGVlcnMuc3ZjLmNsdXN0ZXIubG9jYWwwHhcNMTkwMTIzMTExNzAw 6 | WhcNMjkwMTIwMTExNzAwWjBiMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZv 7 | cm5pYTEWMBQGA1UEBxMNU2FuIEZyYW5jaXNjbzEmMCQGA1UEAwwdQWRtaW5AcGVl 8 | cnMuc3ZjLmNsdXN0ZXIubG9jYWwwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATG 9 | dPleCbKAP7ZJg3JrAGMO/QpBtr2PYaSihSbHO4nEtxjLuvWDHv9lNGNbI8MAyMQ3 10 | VGkUnpZJIDfaDKaeQPDno00wSzAOBgNVHQ8BAf8EBAMCB4AwDAYDVR0TAQH/BAIw 11 | ADArBgNVHSMEJDAigCBRL62UjKq64gj4AFFVr5eCuJRe8/7yGa2lydCLGSPzmTAK 12 | BggqhkjOPQQDAgNHADBEAiASzYSt8r/0R+bgiJ5oaxudxHAH0gP43fvcomhjV/Gk 13 | gQIgJK8s6KEiKN6xy1aWvNvrp6bXkknbeOlYt+rii35zWeU= 14 | -----END CERTIFICATE----- 15 | -------------------------------------------------------------------------------- /examples/dev/crypto/crypto-config/peerOrganizations/peers.svc.cluster.local/msp/cacerts/ca.peers.svc.cluster.local-cert.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIICYDCCAgegAwIBAgIQcTe1EYdM1q0orap/rIAvYzAKBggqhkjOPQQDAjCBgTEL 3 | MAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDVNhbiBG 4 | cmFuY2lzY28xIDAeBgNVBAoTF3BlZXJzLnN2Yy5jbHVzdGVyLmxvY2FsMSMwIQYD 5 | VQQDExpjYS5wZWVycy5zdmMuY2x1c3Rlci5sb2NhbDAeFw0xOTAxMjMxMTE3MDBa 6 | Fw0yOTAxMjAxMTE3MDBaMIGBMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZv 7 | cm5pYTEWMBQGA1UEBxMNU2FuIEZyYW5jaXNjbzEgMB4GA1UEChMXcGVlcnMuc3Zj 8 | LmNsdXN0ZXIubG9jYWwxIzAhBgNVBAMTGmNhLnBlZXJzLnN2Yy5jbHVzdGVyLmxv 9 | Y2FsMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEpxH+mOfijrVh83x9mZd/P753 10 | y0Af7EBJZL9FnlIE02gZtrIGEJNusYE/67UTMPMfeHIom2P1xvuO2JdAhpp5pKNf 11 | MF0wDgYDVR0PAQH/BAQDAgGmMA8GA1UdJQQIMAYGBFUdJQAwDwYDVR0TAQH/BAUw 12 | AwEB/zApBgNVHQ4EIgQgUS+tlIyquuII+ABRVa+XgriUXvP+8hmtpcnQixkj85kw 13 | CgYIKoZIzj0EAwIDRwAwRAIgEdzfE9RP89kwj02sI0R8uFvu5CYGF+3ZWT8YxqsF 14 | YQUCIGflGgoKaXog08w6Z+qWYc3EL+8rn4CUk45N7CKha4p1 15 | -----END CERTIFICATE----- 16 | -------------------------------------------------------------------------------- /examples/dev/crypto/crypto-config/peerOrganizations/peers.svc.cluster.local/msp/tlscacerts/tlsca.peers.svc.cluster.local-cert.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIICZzCCAg2gAwIBAgIQRBS6qndGtisIW4/L1S1vJDAKBggqhkjOPQQDAjCBhDEL 3 | MAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDVNhbiBG 4 | cmFuY2lzY28xIDAeBgNVBAoTF3BlZXJzLnN2Yy5jbHVzdGVyLmxvY2FsMSYwJAYD 5 | VQQDEx10bHNjYS5wZWVycy5zdmMuY2x1c3Rlci5sb2NhbDAeFw0xOTAxMjMxMTE3 6 | MDBaFw0yOTAxMjAxMTE3MDBaMIGEMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2Fs 7 | aWZvcm5pYTEWMBQGA1UEBxMNU2FuIEZyYW5jaXNjbzEgMB4GA1UEChMXcGVlcnMu 8 | c3ZjLmNsdXN0ZXIubG9jYWwxJjAkBgNVBAMTHXRsc2NhLnBlZXJzLnN2Yy5jbHVz 9 | dGVyLmxvY2FsMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE+Ixt94cmeQ8M1JIj 10 | LDyAAS0YcwpH+lDkmMJp5wUxfdVux28IZzDo7swBs5dOGSxYNnklXIBOQx/RAJHW 11 | 48pnLqNfMF0wDgYDVR0PAQH/BAQDAgGmMA8GA1UdJQQIMAYGBFUdJQAwDwYDVR0T 12 | AQH/BAUwAwEB/zApBgNVHQ4EIgQgI3ELU/ohwwrpLHD4GJvpDZDsiNejPpCxlJnG 13 | o2VNwK8wCgYIKoZIzj0EAwIDSAAwRQIhAIny4QVTVAHYbFHjPvKDkoKoodQkHBmk 14 | UXtIM8KaaAa8AiBRveGXk1db+NE0isy9bxvRyFbOh68qGHcX6oZKFjHLmw== 15 | -----END CERTIFICATE----- 16 | -------------------------------------------------------------------------------- /examples/dev/crypto/crypto-config/peerOrganizations/peers.svc.cluster.local/peers/peer1-hlf-peer.peers.svc.cluster.local/msp/admincerts/Admin@peers.svc.cluster.local-cert.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIICLzCCAdagAwIBAgIRAInmTie+VKkdlJMM+jI1lPAwCgYIKoZIzj0EAwIwgYEx 3 | CzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQHEw1TYW4g 4 | RnJhbmNpc2NvMSAwHgYDVQQKExdwZWVycy5zdmMuY2x1c3Rlci5sb2NhbDEjMCEG 5 | A1UEAxMaY2EucGVlcnMuc3ZjLmNsdXN0ZXIubG9jYWwwHhcNMTkwMTIzMTExNzAw 6 | WhcNMjkwMTIwMTExNzAwWjBiMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZv 7 | cm5pYTEWMBQGA1UEBxMNU2FuIEZyYW5jaXNjbzEmMCQGA1UEAwwdQWRtaW5AcGVl 8 | cnMuc3ZjLmNsdXN0ZXIubG9jYWwwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATG 9 | dPleCbKAP7ZJg3JrAGMO/QpBtr2PYaSihSbHO4nEtxjLuvWDHv9lNGNbI8MAyMQ3 10 | VGkUnpZJIDfaDKaeQPDno00wSzAOBgNVHQ8BAf8EBAMCB4AwDAYDVR0TAQH/BAIw 11 | ADArBgNVHSMEJDAigCBRL62UjKq64gj4AFFVr5eCuJRe8/7yGa2lydCLGSPzmTAK 12 | BggqhkjOPQQDAgNHADBEAiASzYSt8r/0R+bgiJ5oaxudxHAH0gP43fvcomhjV/Gk 13 | gQIgJK8s6KEiKN6xy1aWvNvrp6bXkknbeOlYt+rii35zWeU= 14 | -----END CERTIFICATE----- 15 | -------------------------------------------------------------------------------- /examples/dev/crypto/crypto-config/peerOrganizations/peers.svc.cluster.local/peers/peer1-hlf-peer.peers.svc.cluster.local/msp/cacerts/ca.peers.svc.cluster.local-cert.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIICYDCCAgegAwIBAgIQcTe1EYdM1q0orap/rIAvYzAKBggqhkjOPQQDAjCBgTEL 3 | MAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDVNhbiBG 4 | cmFuY2lzY28xIDAeBgNVBAoTF3BlZXJzLnN2Yy5jbHVzdGVyLmxvY2FsMSMwIQYD 5 | VQQDExpjYS5wZWVycy5zdmMuY2x1c3Rlci5sb2NhbDAeFw0xOTAxMjMxMTE3MDBa 6 | Fw0yOTAxMjAxMTE3MDBaMIGBMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZv 7 | cm5pYTEWMBQGA1UEBxMNU2FuIEZyYW5jaXNjbzEgMB4GA1UEChMXcGVlcnMuc3Zj 8 | LmNsdXN0ZXIubG9jYWwxIzAhBgNVBAMTGmNhLnBlZXJzLnN2Yy5jbHVzdGVyLmxv 9 | Y2FsMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEpxH+mOfijrVh83x9mZd/P753 10 | y0Af7EBJZL9FnlIE02gZtrIGEJNusYE/67UTMPMfeHIom2P1xvuO2JdAhpp5pKNf 11 | MF0wDgYDVR0PAQH/BAQDAgGmMA8GA1UdJQQIMAYGBFUdJQAwDwYDVR0TAQH/BAUw 12 | AwEB/zApBgNVHQ4EIgQgUS+tlIyquuII+ABRVa+XgriUXvP+8hmtpcnQixkj85kw 13 | CgYIKoZIzj0EAwIDRwAwRAIgEdzfE9RP89kwj02sI0R8uFvu5CYGF+3ZWT8YxqsF 14 | YQUCIGflGgoKaXog08w6Z+qWYc3EL+8rn4CUk45N7CKha4p1 15 | -----END CERTIFICATE----- 16 | -------------------------------------------------------------------------------- /examples/dev/crypto/crypto-config/peerOrganizations/peers.svc.cluster.local/peers/peer1-hlf-peer.peers.svc.cluster.local/msp/keystore/b2336f4865c5f471a3118444e3a8acaba9bab443f05304f499e34da9329f41c0_sk: -------------------------------------------------------------------------------- 1 | -----BEGIN PRIVATE KEY----- 2 | MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQghDN+KpoNXlYJB3UK 3 | gpWSoP6Fxx6O88F9DuK1GphUpfKhRANCAAQrXgOBODiItbQpy5Rh8GIAGV3QjdII 4 | T23jvHoQCQiyfYFKYA5qKPDnZ9+z8Hp9zTjQR3zjzqM3lFIjlQmcDRc1 5 | -----END PRIVATE KEY----- 6 | -------------------------------------------------------------------------------- /examples/dev/crypto/crypto-config/peerOrganizations/peers.svc.cluster.local/peers/peer1-hlf-peer.peers.svc.cluster.local/msp/signcerts/peer1-hlf-peer.peers.svc.cluster.local-cert.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIICOTCCAd+gAwIBAgIRAJ+JPkZo2k1tIjSsm/fyy2gwCgYIKoZIzj0EAwIwgYEx 3 | CzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQHEw1TYW4g 4 | RnJhbmNpc2NvMSAwHgYDVQQKExdwZWVycy5zdmMuY2x1c3Rlci5sb2NhbDEjMCEG 5 | A1UEAxMaY2EucGVlcnMuc3ZjLmNsdXN0ZXIubG9jYWwwHhcNMTkwMTIzMTExNzAw 6 | WhcNMjkwMTIwMTExNzAwWjBrMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZv 7 | cm5pYTEWMBQGA1UEBxMNU2FuIEZyYW5jaXNjbzEvMC0GA1UEAxMmcGVlcjEtaGxm 8 | LXBlZXIucGVlcnMuc3ZjLmNsdXN0ZXIubG9jYWwwWTATBgcqhkjOPQIBBggqhkjO 9 | PQMBBwNCAAQrXgOBODiItbQpy5Rh8GIAGV3QjdIIT23jvHoQCQiyfYFKYA5qKPDn 10 | Z9+z8Hp9zTjQR3zjzqM3lFIjlQmcDRc1o00wSzAOBgNVHQ8BAf8EBAMCB4AwDAYD 11 | VR0TAQH/BAIwADArBgNVHSMEJDAigCBRL62UjKq64gj4AFFVr5eCuJRe8/7yGa2l 12 | ydCLGSPzmTAKBggqhkjOPQQDAgNIADBFAiEA/agKsUMe6ECbuj1IDvHH9VvDgBRj 13 | ABqpaMKpHlDu77wCIFldUpdOICI6o2foI/5nEGIgS05TvbVu2EV8/zjJAC13 14 | -----END CERTIFICATE----- 15 | -------------------------------------------------------------------------------- /examples/dev/crypto/crypto-config/peerOrganizations/peers.svc.cluster.local/peers/peer1-hlf-peer.peers.svc.cluster.local/msp/tlscacerts/tlsca.peers.svc.cluster.local-cert.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIICZzCCAg2gAwIBAgIQRBS6qndGtisIW4/L1S1vJDAKBggqhkjOPQQDAjCBhDEL 3 | MAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDVNhbiBG 4 | cmFuY2lzY28xIDAeBgNVBAoTF3BlZXJzLnN2Yy5jbHVzdGVyLmxvY2FsMSYwJAYD 5 | VQQDEx10bHNjYS5wZWVycy5zdmMuY2x1c3Rlci5sb2NhbDAeFw0xOTAxMjMxMTE3 6 | MDBaFw0yOTAxMjAxMTE3MDBaMIGEMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2Fs 7 | aWZvcm5pYTEWMBQGA1UEBxMNU2FuIEZyYW5jaXNjbzEgMB4GA1UEChMXcGVlcnMu 8 | c3ZjLmNsdXN0ZXIubG9jYWwxJjAkBgNVBAMTHXRsc2NhLnBlZXJzLnN2Yy5jbHVz 9 | dGVyLmxvY2FsMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE+Ixt94cmeQ8M1JIj 10 | LDyAAS0YcwpH+lDkmMJp5wUxfdVux28IZzDo7swBs5dOGSxYNnklXIBOQx/RAJHW 11 | 48pnLqNfMF0wDgYDVR0PAQH/BAQDAgGmMA8GA1UdJQQIMAYGBFUdJQAwDwYDVR0T 12 | AQH/BAUwAwEB/zApBgNVHQ4EIgQgI3ELU/ohwwrpLHD4GJvpDZDsiNejPpCxlJnG 13 | o2VNwK8wCgYIKoZIzj0EAwIDSAAwRQIhAIny4QVTVAHYbFHjPvKDkoKoodQkHBmk 14 | UXtIM8KaaAa8AiBRveGXk1db+NE0isy9bxvRyFbOh68qGHcX6oZKFjHLmw== 15 | -----END CERTIFICATE----- 16 | -------------------------------------------------------------------------------- /examples/dev/crypto/crypto-config/peerOrganizations/peers.svc.cluster.local/peers/peer1-hlf-peer.peers.svc.cluster.local/tls/ca.crt: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIICZzCCAg2gAwIBAgIQRBS6qndGtisIW4/L1S1vJDAKBggqhkjOPQQDAjCBhDEL 3 | MAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDVNhbiBG 4 | cmFuY2lzY28xIDAeBgNVBAoTF3BlZXJzLnN2Yy5jbHVzdGVyLmxvY2FsMSYwJAYD 5 | VQQDEx10bHNjYS5wZWVycy5zdmMuY2x1c3Rlci5sb2NhbDAeFw0xOTAxMjMxMTE3 6 | MDBaFw0yOTAxMjAxMTE3MDBaMIGEMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2Fs 7 | aWZvcm5pYTEWMBQGA1UEBxMNU2FuIEZyYW5jaXNjbzEgMB4GA1UEChMXcGVlcnMu 8 | c3ZjLmNsdXN0ZXIubG9jYWwxJjAkBgNVBAMTHXRsc2NhLnBlZXJzLnN2Yy5jbHVz 9 | dGVyLmxvY2FsMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE+Ixt94cmeQ8M1JIj 10 | LDyAAS0YcwpH+lDkmMJp5wUxfdVux28IZzDo7swBs5dOGSxYNnklXIBOQx/RAJHW 11 | 48pnLqNfMF0wDgYDVR0PAQH/BAQDAgGmMA8GA1UdJQQIMAYGBFUdJQAwDwYDVR0T 12 | AQH/BAUwAwEB/zApBgNVHQ4EIgQgI3ELU/ohwwrpLHD4GJvpDZDsiNejPpCxlJnG 13 | o2VNwK8wCgYIKoZIzj0EAwIDSAAwRQIhAIny4QVTVAHYbFHjPvKDkoKoodQkHBmk 14 | UXtIM8KaaAa8AiBRveGXk1db+NE0isy9bxvRyFbOh68qGHcX6oZKFjHLmw== 15 | -----END CERTIFICATE----- 16 | -------------------------------------------------------------------------------- /examples/dev/crypto/crypto-config/peerOrganizations/peers.svc.cluster.local/peers/peer1-hlf-peer.peers.svc.cluster.local/tls/server.crt: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIICnjCCAkWgAwIBAgIQKFrM/wuChPeDhWYwWoJcsTAKBggqhkjOPQQDAjCBhDEL 3 | MAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDVNhbiBG 4 | cmFuY2lzY28xIDAeBgNVBAoTF3BlZXJzLnN2Yy5jbHVzdGVyLmxvY2FsMSYwJAYD 5 | VQQDEx10bHNjYS5wZWVycy5zdmMuY2x1c3Rlci5sb2NhbDAeFw0xOTAxMjMxMTE3 6 | MDBaFw0yOTAxMjAxMTE3MDBaMGsxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxp 7 | Zm9ybmlhMRYwFAYDVQQHEw1TYW4gRnJhbmNpc2NvMS8wLQYDVQQDEyZwZWVyMS1o 8 | bGYtcGVlci5wZWVycy5zdmMuY2x1c3Rlci5sb2NhbDBZMBMGByqGSM49AgEGCCqG 9 | SM49AwEHA0IABMEzyl/GyiGyh7O04iGlTFZPlm9msFdSu5uqZWy3VjLkWZV9WJjh 10 | Wfz+A35Z8jCs7FK88kz7ybO7iDMDDpI828mjgbAwga0wDgYDVR0PAQH/BAQDAgWg 11 | MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMCsG 12 | A1UdIwQkMCKAICNxC1P6IcMK6Sxw+Bib6Q2Q7IjXoz6QsZSZxqNlTcCvMEEGA1Ud 13 | EQQ6MDiCJnBlZXIxLWhsZi1wZWVyLnBlZXJzLnN2Yy5jbHVzdGVyLmxvY2Fsgg5w 14 | ZWVyMS1obGYtcGVlcjAKBggqhkjOPQQDAgNHADBEAiBjtgtaQHCCq7dHvTKylsQv 15 | NeB6pbb77/xcdBbtqA+YLwIgQmDdTYjxb0C+1ZEox/eauIBcsro6Ip1XvZ/EydRl 16 | iNk= 17 | -----END CERTIFICATE----- 18 | -------------------------------------------------------------------------------- /examples/dev/crypto/crypto-config/peerOrganizations/peers.svc.cluster.local/peers/peer1-hlf-peer.peers.svc.cluster.local/tls/server.key: -------------------------------------------------------------------------------- 1 | -----BEGIN PRIVATE KEY----- 2 | MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQg8BgHKnRqpNIbat8f 3 | UrSWQgIPaoUPIX3a0Pl1SK7kYCWhRANCAATBM8pfxsohsoeztOIhpUxWT5ZvZrBX 4 | UrubqmVst1Yy5FmVfViY4Vn8/gN+WfIwrOxSvPJM+8mzu4gzAw6SPNvJ 5 | -----END PRIVATE KEY----- 6 | -------------------------------------------------------------------------------- /examples/dev/crypto/crypto-config/peerOrganizations/peers.svc.cluster.local/tlsca/23710b53fa21c30ae92c70f8189be90d90ec88d7a33e90b19499c6a3654dc0af_sk: -------------------------------------------------------------------------------- 1 | -----BEGIN PRIVATE KEY----- 2 | MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgb77n2FXNuz6R8+6E 3 | 41HDaakU2Ti0N8CcRGY1rEzdd62hRANCAAT4jG33hyZ5DwzUkiMsPIABLRhzCkf6 4 | UOSYwmnnBTF91W7HbwhnMOjuzAGzl04ZLFg2eSVcgE5DH9EAkdbjymcu 5 | -----END PRIVATE KEY----- 6 | -------------------------------------------------------------------------------- /examples/dev/crypto/crypto-config/peerOrganizations/peers.svc.cluster.local/tlsca/tlsca.peers.svc.cluster.local-cert.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIICZzCCAg2gAwIBAgIQRBS6qndGtisIW4/L1S1vJDAKBggqhkjOPQQDAjCBhDEL 3 | MAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDVNhbiBG 4 | cmFuY2lzY28xIDAeBgNVBAoTF3BlZXJzLnN2Yy5jbHVzdGVyLmxvY2FsMSYwJAYD 5 | VQQDEx10bHNjYS5wZWVycy5zdmMuY2x1c3Rlci5sb2NhbDAeFw0xOTAxMjMxMTE3 6 | MDBaFw0yOTAxMjAxMTE3MDBaMIGEMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2Fs 7 | aWZvcm5pYTEWMBQGA1UEBxMNU2FuIEZyYW5jaXNjbzEgMB4GA1UEChMXcGVlcnMu 8 | c3ZjLmNsdXN0ZXIubG9jYWwxJjAkBgNVBAMTHXRsc2NhLnBlZXJzLnN2Yy5jbHVz 9 | dGVyLmxvY2FsMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE+Ixt94cmeQ8M1JIj 10 | LDyAAS0YcwpH+lDkmMJp5wUxfdVux28IZzDo7swBs5dOGSxYNnklXIBOQx/RAJHW 11 | 48pnLqNfMF0wDgYDVR0PAQH/BAQDAgGmMA8GA1UdJQQIMAYGBFUdJQAwDwYDVR0T 12 | AQH/BAUwAwEB/zApBgNVHQ4EIgQgI3ELU/ohwwrpLHD4GJvpDZDsiNejPpCxlJnG 13 | o2VNwK8wCgYIKoZIzj0EAwIDSAAwRQIhAIny4QVTVAHYbFHjPvKDkoKoodQkHBmk 14 | UXtIM8KaaAa8AiBRveGXk1db+NE0isy9bxvRyFbOh68qGHcX6oZKFjHLmw== 15 | -----END CERTIFICATE----- 16 | -------------------------------------------------------------------------------- /examples/dev/crypto/crypto-config/peerOrganizations/peers.svc.cluster.local/users/Admin@peers.svc.cluster.local/msp/admincerts/Admin@peers.svc.cluster.local-cert.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIICLzCCAdagAwIBAgIRAInmTie+VKkdlJMM+jI1lPAwCgYIKoZIzj0EAwIwgYEx 3 | CzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQHEw1TYW4g 4 | RnJhbmNpc2NvMSAwHgYDVQQKExdwZWVycy5zdmMuY2x1c3Rlci5sb2NhbDEjMCEG 5 | A1UEAxMaY2EucGVlcnMuc3ZjLmNsdXN0ZXIubG9jYWwwHhcNMTkwMTIzMTExNzAw 6 | WhcNMjkwMTIwMTExNzAwWjBiMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZv 7 | cm5pYTEWMBQGA1UEBxMNU2FuIEZyYW5jaXNjbzEmMCQGA1UEAwwdQWRtaW5AcGVl 8 | cnMuc3ZjLmNsdXN0ZXIubG9jYWwwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATG 9 | dPleCbKAP7ZJg3JrAGMO/QpBtr2PYaSihSbHO4nEtxjLuvWDHv9lNGNbI8MAyMQ3 10 | VGkUnpZJIDfaDKaeQPDno00wSzAOBgNVHQ8BAf8EBAMCB4AwDAYDVR0TAQH/BAIw 11 | ADArBgNVHSMEJDAigCBRL62UjKq64gj4AFFVr5eCuJRe8/7yGa2lydCLGSPzmTAK 12 | BggqhkjOPQQDAgNHADBEAiASzYSt8r/0R+bgiJ5oaxudxHAH0gP43fvcomhjV/Gk 13 | gQIgJK8s6KEiKN6xy1aWvNvrp6bXkknbeOlYt+rii35zWeU= 14 | -----END CERTIFICATE----- 15 | -------------------------------------------------------------------------------- /examples/dev/crypto/crypto-config/peerOrganizations/peers.svc.cluster.local/users/Admin@peers.svc.cluster.local/msp/cacerts/ca.peers.svc.cluster.local-cert.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIICYDCCAgegAwIBAgIQcTe1EYdM1q0orap/rIAvYzAKBggqhkjOPQQDAjCBgTEL 3 | MAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDVNhbiBG 4 | cmFuY2lzY28xIDAeBgNVBAoTF3BlZXJzLnN2Yy5jbHVzdGVyLmxvY2FsMSMwIQYD 5 | VQQDExpjYS5wZWVycy5zdmMuY2x1c3Rlci5sb2NhbDAeFw0xOTAxMjMxMTE3MDBa 6 | Fw0yOTAxMjAxMTE3MDBaMIGBMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZv 7 | cm5pYTEWMBQGA1UEBxMNU2FuIEZyYW5jaXNjbzEgMB4GA1UEChMXcGVlcnMuc3Zj 8 | LmNsdXN0ZXIubG9jYWwxIzAhBgNVBAMTGmNhLnBlZXJzLnN2Yy5jbHVzdGVyLmxv 9 | Y2FsMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEpxH+mOfijrVh83x9mZd/P753 10 | y0Af7EBJZL9FnlIE02gZtrIGEJNusYE/67UTMPMfeHIom2P1xvuO2JdAhpp5pKNf 11 | MF0wDgYDVR0PAQH/BAQDAgGmMA8GA1UdJQQIMAYGBFUdJQAwDwYDVR0TAQH/BAUw 12 | AwEB/zApBgNVHQ4EIgQgUS+tlIyquuII+ABRVa+XgriUXvP+8hmtpcnQixkj85kw 13 | CgYIKoZIzj0EAwIDRwAwRAIgEdzfE9RP89kwj02sI0R8uFvu5CYGF+3ZWT8YxqsF 14 | YQUCIGflGgoKaXog08w6Z+qWYc3EL+8rn4CUk45N7CKha4p1 15 | -----END CERTIFICATE----- 16 | -------------------------------------------------------------------------------- /examples/dev/crypto/crypto-config/peerOrganizations/peers.svc.cluster.local/users/Admin@peers.svc.cluster.local/msp/keystore/79cee3f6d889ee90fcaf92115a4b22f1b606c8e2339c594e21693ae916a53dd4_sk: -------------------------------------------------------------------------------- 1 | -----BEGIN PRIVATE KEY----- 2 | MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgvVILdZKop6nSZgU4 3 | 82IboU+ijhz1rVpyi7FT+HLK4x2hRANCAATGdPleCbKAP7ZJg3JrAGMO/QpBtr2P 4 | YaSihSbHO4nEtxjLuvWDHv9lNGNbI8MAyMQ3VGkUnpZJIDfaDKaeQPDn 5 | -----END PRIVATE KEY----- 6 | -------------------------------------------------------------------------------- /examples/dev/crypto/crypto-config/peerOrganizations/peers.svc.cluster.local/users/Admin@peers.svc.cluster.local/msp/signcerts/Admin@peers.svc.cluster.local-cert.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIICLzCCAdagAwIBAgIRAInmTie+VKkdlJMM+jI1lPAwCgYIKoZIzj0EAwIwgYEx 3 | CzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQHEw1TYW4g 4 | RnJhbmNpc2NvMSAwHgYDVQQKExdwZWVycy5zdmMuY2x1c3Rlci5sb2NhbDEjMCEG 5 | A1UEAxMaY2EucGVlcnMuc3ZjLmNsdXN0ZXIubG9jYWwwHhcNMTkwMTIzMTExNzAw 6 | WhcNMjkwMTIwMTExNzAwWjBiMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZv 7 | cm5pYTEWMBQGA1UEBxMNU2FuIEZyYW5jaXNjbzEmMCQGA1UEAwwdQWRtaW5AcGVl 8 | cnMuc3ZjLmNsdXN0ZXIubG9jYWwwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATG 9 | dPleCbKAP7ZJg3JrAGMO/QpBtr2PYaSihSbHO4nEtxjLuvWDHv9lNGNbI8MAyMQ3 10 | VGkUnpZJIDfaDKaeQPDno00wSzAOBgNVHQ8BAf8EBAMCB4AwDAYDVR0TAQH/BAIw 11 | ADArBgNVHSMEJDAigCBRL62UjKq64gj4AFFVr5eCuJRe8/7yGa2lydCLGSPzmTAK 12 | BggqhkjOPQQDAgNHADBEAiASzYSt8r/0R+bgiJ5oaxudxHAH0gP43fvcomhjV/Gk 13 | gQIgJK8s6KEiKN6xy1aWvNvrp6bXkknbeOlYt+rii35zWeU= 14 | -----END CERTIFICATE----- 15 | -------------------------------------------------------------------------------- /examples/dev/crypto/crypto-config/peerOrganizations/peers.svc.cluster.local/users/Admin@peers.svc.cluster.local/msp/tlscacerts/tlsca.peers.svc.cluster.local-cert.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIICZzCCAg2gAwIBAgIQRBS6qndGtisIW4/L1S1vJDAKBggqhkjOPQQDAjCBhDEL 3 | MAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDVNhbiBG 4 | cmFuY2lzY28xIDAeBgNVBAoTF3BlZXJzLnN2Yy5jbHVzdGVyLmxvY2FsMSYwJAYD 5 | VQQDEx10bHNjYS5wZWVycy5zdmMuY2x1c3Rlci5sb2NhbDAeFw0xOTAxMjMxMTE3 6 | MDBaFw0yOTAxMjAxMTE3MDBaMIGEMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2Fs 7 | aWZvcm5pYTEWMBQGA1UEBxMNU2FuIEZyYW5jaXNjbzEgMB4GA1UEChMXcGVlcnMu 8 | c3ZjLmNsdXN0ZXIubG9jYWwxJjAkBgNVBAMTHXRsc2NhLnBlZXJzLnN2Yy5jbHVz 9 | dGVyLmxvY2FsMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE+Ixt94cmeQ8M1JIj 10 | LDyAAS0YcwpH+lDkmMJp5wUxfdVux28IZzDo7swBs5dOGSxYNnklXIBOQx/RAJHW 11 | 48pnLqNfMF0wDgYDVR0PAQH/BAQDAgGmMA8GA1UdJQQIMAYGBFUdJQAwDwYDVR0T 12 | AQH/BAUwAwEB/zApBgNVHQ4EIgQgI3ELU/ohwwrpLHD4GJvpDZDsiNejPpCxlJnG 13 | o2VNwK8wCgYIKoZIzj0EAwIDSAAwRQIhAIny4QVTVAHYbFHjPvKDkoKoodQkHBmk 14 | UXtIM8KaaAa8AiBRveGXk1db+NE0isy9bxvRyFbOh68qGHcX6oZKFjHLmw== 15 | -----END CERTIFICATE----- 16 | -------------------------------------------------------------------------------- /examples/dev/crypto/crypto-config/peerOrganizations/peers.svc.cluster.local/users/Admin@peers.svc.cluster.local/tls/ca.crt: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIICZzCCAg2gAwIBAgIQRBS6qndGtisIW4/L1S1vJDAKBggqhkjOPQQDAjCBhDEL 3 | MAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDVNhbiBG 4 | cmFuY2lzY28xIDAeBgNVBAoTF3BlZXJzLnN2Yy5jbHVzdGVyLmxvY2FsMSYwJAYD 5 | VQQDEx10bHNjYS5wZWVycy5zdmMuY2x1c3Rlci5sb2NhbDAeFw0xOTAxMjMxMTE3 6 | MDBaFw0yOTAxMjAxMTE3MDBaMIGEMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2Fs 7 | aWZvcm5pYTEWMBQGA1UEBxMNU2FuIEZyYW5jaXNjbzEgMB4GA1UEChMXcGVlcnMu 8 | c3ZjLmNsdXN0ZXIubG9jYWwxJjAkBgNVBAMTHXRsc2NhLnBlZXJzLnN2Yy5jbHVz 9 | dGVyLmxvY2FsMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE+Ixt94cmeQ8M1JIj 10 | LDyAAS0YcwpH+lDkmMJp5wUxfdVux28IZzDo7swBs5dOGSxYNnklXIBOQx/RAJHW 11 | 48pnLqNfMF0wDgYDVR0PAQH/BAQDAgGmMA8GA1UdJQQIMAYGBFUdJQAwDwYDVR0T 12 | AQH/BAUwAwEB/zApBgNVHQ4EIgQgI3ELU/ohwwrpLHD4GJvpDZDsiNejPpCxlJnG 13 | o2VNwK8wCgYIKoZIzj0EAwIDSAAwRQIhAIny4QVTVAHYbFHjPvKDkoKoodQkHBmk 14 | UXtIM8KaaAa8AiBRveGXk1db+NE0isy9bxvRyFbOh68qGHcX6oZKFjHLmw== 15 | -----END CERTIFICATE----- 16 | -------------------------------------------------------------------------------- /examples/dev/crypto/crypto-config/peerOrganizations/peers.svc.cluster.local/users/Admin@peers.svc.cluster.local/tls/client.crt: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIICUjCCAfigAwIBAgIRAJtqewX++NoE9XOMuyuBt5owCgYIKoZIzj0EAwIwgYQx 3 | CzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQHEw1TYW4g 4 | RnJhbmNpc2NvMSAwHgYDVQQKExdwZWVycy5zdmMuY2x1c3Rlci5sb2NhbDEmMCQG 5 | A1UEAxMddGxzY2EucGVlcnMuc3ZjLmNsdXN0ZXIubG9jYWwwHhcNMTkwMTIzMTEx 6 | NzAwWhcNMjkwMTIwMTExNzAwWjBiMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2Fs 7 | aWZvcm5pYTEWMBQGA1UEBxMNU2FuIEZyYW5jaXNjbzEmMCQGA1UEAwwdQWRtaW5A 8 | cGVlcnMuc3ZjLmNsdXN0ZXIubG9jYWwwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNC 9 | AATLC64CoS59l4ts7FK9GfiYU0TcggUMQdGSJLQ8VUvnvD+vMY7upEbrlzrtrk0d 10 | ZWM0lxqmgU/WbrMW9agsVGTzo2wwajAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYw 11 | FAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwKwYDVR0jBCQwIoAg 12 | I3ELU/ohwwrpLHD4GJvpDZDsiNejPpCxlJnGo2VNwK8wCgYIKoZIzj0EAwIDSAAw 13 | RQIhAI9ToyAlmqGJjezoxLYkH1pAHw6jZvdo5/Ypxm+GjgotAiAoTDcFu5C07AFD 14 | 6Z9IjucddzENXVnc15jpl19oqziEEw== 15 | -----END CERTIFICATE----- 16 | -------------------------------------------------------------------------------- /examples/dev/crypto/crypto-config/peerOrganizations/peers.svc.cluster.local/users/Admin@peers.svc.cluster.local/tls/client.key: -------------------------------------------------------------------------------- 1 | -----BEGIN PRIVATE KEY----- 2 | MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgwxmA+7RFqEQIxHU0 3 | gVqsRaHaG42tv5Zq6DvvzVeWpUehRANCAATLC64CoS59l4ts7FK9GfiYU0TcggUM 4 | QdGSJLQ8VUvnvD+vMY7upEbrlzrtrk0dZWM0lxqmgU/WbrMW9agsVGTz 5 | -----END PRIVATE KEY----- 6 | -------------------------------------------------------------------------------- /examples/dev/helm_values/hlf-couchdb/cdb-peer1.yaml: -------------------------------------------------------------------------------- 1 | image: 2 | tag: 0.4.10 3 | 4 | persistence: 5 | size: 1Gi 6 | -------------------------------------------------------------------------------- /examples/dev/helm_values/hlf-ord/ord1.yaml: -------------------------------------------------------------------------------- 1 | image: 2 | tag: 1.3.0 3 | 4 | persistence: 5 | accessMode: ReadWriteOnce 6 | size: 1Gi 7 | 8 | ord: 9 | type: solo 10 | mspID: OrdererMSP 11 | 12 | secrets: 13 | ord: 14 | cert: hlf--ord1-idcert 15 | key: hlf--ord1-idkey 16 | caCert: hlf--ordadmin-cacert 17 | genesis: hlf--genesis 18 | adminCert: hlf--ordadmin-idcert 19 | -------------------------------------------------------------------------------- /examples/dev/helm_values/hlf-peer/peer1.yaml: -------------------------------------------------------------------------------- 1 | image: 2 | tag: 1.3.0 3 | 4 | persistence: 5 | accessMode: ReadWriteOnce 6 | size: 1Gi 7 | 8 | peer: 9 | databaseType: CouchDB 10 | couchdbInstance: cdb-peer1 11 | mspID: PeerMSP 12 | 13 | secrets: 14 | peer: 15 | cert: hlf--peer1-idcert 16 | key: hlf--peer1-idkey 17 | caCert: hlf--peeradmin-cacert 18 | channel: hlf--channel 19 | adminCert: hlf--peeradmin-idcert 20 | adminKey: hlf--peeradmin-idkey 21 | -------------------------------------------------------------------------------- /examples/dev/nephos_config.yaml: -------------------------------------------------------------------------------- 1 | core: 2 | # Comment out to make it work on your cluster 3 | cluster: minikube 4 | # ChartMuseum repository or directory holding charts 5 | chart_repo: stable 6 | # Directory where we hold configtx.yaml 7 | dir_config: ./examples/dev/config 8 | # Directory where we hold: 9 | # 1) cryptographic material 10 | # 2) genesis block and 11 | # 3) channel transaction 12 | # Directory where we hold crypto-material 13 | dir_crypto: ./examples/dev/crypto 14 | # Directory where the Helm Chart values reside 15 | dir_values: ./examples/dev/helm_values 16 | cas: {} # No CAs as we are using cryptogen 17 | msps: 18 | OrdererMSP: 19 | namespace: orderers 20 | org_admin: ordadmin 21 | # org_passwd: # Set implicitly 22 | PeerMSP: 23 | namespace: peers 24 | org_admin: peeradmin 25 | # org_passwd: # Set implicitly 26 | orderers: 27 | domain: orderers.svc.cluster.local 28 | msp: OrdererMSP 29 | names: 30 | - ord1 31 | secret_genesis: hlf--genesis 32 | peers: 33 | domain: peers.svc.cluster.local 34 | msp: PeerMSP 35 | names: 36 | - peer1 37 | channel_name: mychannel 38 | channel_profile: MyChannel 39 | secret_channel: hlf--channel 40 | -------------------------------------------------------------------------------- /examples/prod/config/configtx.yaml: -------------------------------------------------------------------------------- 1 | # Copyright IBM Corp. All Rights Reserved. 2 | # 3 | # SPDX-License-Identifier: Apache-2.0 4 | # 5 | 6 | ################################################################################ 7 | # 8 | # Section: Organizations 9 | # 10 | # - This section defines the different organizational identities which will 11 | # be referenced later in the configuration. 12 | # 13 | ################################################################################ 14 | Organizations: 15 | 16 | # SampleOrg defines an MSP using the sampleconfig. It should never be used 17 | # in production but may be used as a template for other definitions 18 | - &OrdererOrg 19 | # DefaultOrg defines the organization which is used in the sampleconfig 20 | # of the fabric.git development environment 21 | Name: OrdererOrg 22 | 23 | # ID to load the MSP definition as 24 | ID: OrdererMSP 25 | 26 | # MSPDir is the filesystem path which contains the MSP configuration 27 | MSPDir: ../crypto/OrdererMSP 28 | 29 | # turn off security for the channel 30 | AdminPrincipal: Role.MEMBER 31 | 32 | # Organization controlling both peers and Orderers 33 | - &PeerOrg 34 | Name: PeerOrg 35 | 36 | # ID to load the MSP definition as 37 | ID: PeerMSP 38 | 39 | MSPDir: ../crypto/PeerMSP 40 | 41 | # turn off security for the peer 42 | AdminPrincipal: Role.MEMBER 43 | 44 | AnchorPeers: 45 | # AnchorPeers defines the location of peers that can be used 46 | # for cross org gossip communication. Note, this value is only 47 | # encoded in the genesis block in the Application section context 48 | - Host: peer1-hlf-peer.peers.svc.cluster.local 49 | Port: 7051 50 | 51 | ################################################################################ 52 | # 53 | # SECTION: Orderer 54 | # 55 | # - This section defines the values to encode into a config transaction or 56 | # genesis block for orderer related parameters 57 | # 58 | ################################################################################ 59 | Orderer: &OrdererDefaults 60 | 61 | # Orderer Type: The orderer implementation to start 62 | # Available types are "solo" and "kafka" 63 | OrdererType: kafka 64 | 65 | Addresses: 66 | - ord1-hlf-ord.orderers.svc.cluster.local:7050 67 | - ord2-hlf-ord.orderers.svc.cluster.local:7050 68 | 69 | # Batch Timeout: The amount of time to wait before creating a batch 70 | BatchTimeout: 2s 71 | 72 | # Batch Size: Controls the number of messages batched into a block 73 | BatchSize: 74 | 75 | # Max Message Count: The maximum number of messages to permit in a batch 76 | MaxMessageCount: 10 77 | 78 | # Absolute Max Bytes: The absolute maximum number of bytes allowed for 79 | # the serialized messages in a batch. 80 | AbsoluteMaxBytes: 98 MB 81 | 82 | # Preferred Max Bytes: The preferred maximum number of bytes allowed for 83 | # the serialized messages in a batch. A message larger than the preferred 84 | # max bytes will result in a batch larger than preferred max bytes. 85 | PreferredMaxBytes: 512 KB 86 | 87 | Kafka: 88 | # Brokers: A list of Kafka brokers to which the orderer connects 89 | # If using K8S, we specify the service exposing the brokers 90 | # NOTE: Use Address/IP:port notation 91 | Brokers: 92 | - kafka-hlf.orderers.svc.cluster.local:9092 93 | 94 | # Organizations is the list of orgs which are defined as participants on 95 | # the orderer side of the network 96 | Organizations: 97 | 98 | ################################################################################ 99 | # 100 | # SECTION: Application 101 | # 102 | # - This section defines the values to encode into a config transaction or 103 | # genesis block for application related parameters 104 | # 105 | ################################################################################ 106 | Application: &ApplicationDefaults 107 | 108 | # Organizations is the list of orgs which are defined as participants on 109 | # the application side of the network 110 | Organizations: 111 | 112 | ################################################################################ 113 | # 114 | # Profile 115 | # 116 | # - Different configuration profiles may be encoded here to be specified 117 | # as parameters to the configtxgen tool 118 | # 119 | ################################################################################ 120 | Profiles: 121 | 122 | OrdererGenesis: 123 | Orderer: 124 | <<: *OrdererDefaults 125 | Organizations: 126 | - *OrdererOrg 127 | Consortiums: 128 | MyConsortium: 129 | Organizations: 130 | - *PeerOrg 131 | MyChannel: 132 | Consortium: MyConsortium 133 | Application: 134 | <<: *ApplicationDefaults 135 | Organizations: 136 | - *PeerOrg 137 | -------------------------------------------------------------------------------- /examples/prod/helm_values/hl-composer/hlc.yaml: -------------------------------------------------------------------------------- 1 | persistence: 2 | enabled: true 3 | # Required since multiple containers need to access same file system 4 | accessMode: ReadWriteMany 5 | size: 1Gi 6 | # e.g. Custom Azure storage class 7 | # Using mountOptions "0750" for dir_mode/file_mode and "1000" for uid and gid 8 | storageClass: "azurefile0permissive" 9 | 10 | cli: 11 | image: 12 | tag: 0.20.0 13 | secrets: 14 | # This should contain the packaged .bna network file. 15 | blockchainNetwork: hlc--bna 16 | adminCert: hlf--peeradmin-idcert 17 | adminKey: hlf--peeradmin-idkey 18 | hlcConnection: hlc--connection 19 | 20 | rest: 21 | image: 22 | tag: 0.20.0 23 | # Ingress for Composer REST 24 | ingress: 25 | enabled: true 26 | annotations: 27 | kubernetes.io/ingress.class: nginx 28 | certmanager.k8s.io/cluster-issuer: "letsencrypt-production" 29 | path: / 30 | hosts: 31 | - hlc-rest.nephos.aidtech-test.xyz 32 | tls: 33 | - secretName: hlc-rest--tls 34 | hosts: 35 | - hlc-rest.nephos.aidtech-test.xyz 36 | 37 | config: 38 | # Composer REST server API key 39 | #apiKey: 40 | # Card for network connection 41 | composerRestServerCard: peeradmin@test-network 42 | 43 | pg: 44 | image: 45 | tag: 0.20.0 46 | # Ingress for Composer PlayGround 47 | ingress: 48 | enabled: true 49 | annotations: 50 | kubernetes.io/ingress.class: nginx 51 | certmanager.k8s.io/cluster-issuer: "letsencrypt-production" 52 | path: / 53 | hosts: 54 | - hlc-pg.nephos.aidtech-test.xyz 55 | tls: 56 | - secretName: hl-composer-pg--tls 57 | hosts: 58 | - hlc-pg.nephos.aidtech-test.xyz 59 | -------------------------------------------------------------------------------- /examples/prod/helm_values/hlf-ca/ca.yaml: -------------------------------------------------------------------------------- 1 | image: 2 | tag: 1.3.0 3 | 4 | ingress: 5 | enabled: true 6 | annotations: 7 | kubernetes.io/ingress.class: nginx 8 | certmanager.k8s.io/cluster-issuer: "letsencrypt-production" 9 | path: / 10 | hosts: 11 | # TODO: Change this to your Domain Name 12 | - ca.nephos.local 13 | tls: 14 | - secretName: ca--tls 15 | hosts: 16 | # TODO: Change this to your Domain Name 17 | - ca.nephos.local 18 | 19 | persistence: 20 | accessMode: ReadWriteOnce 21 | size: 1Gi 22 | 23 | caName: ca 24 | 25 | externalDatabase: 26 | type: postgres 27 | host: ca-pg-postgresql 28 | username: postgres 29 | # password: 30 | database: fabric_ca 31 | port: "5432" 32 | 33 | config: 34 | hlfToolsVersion: 1.3.0 35 | csr: 36 | names: 37 | c: IE 38 | st: Dublin 39 | l: 40 | o: "AID:Tech" 41 | ou: Blockchain 42 | affiliations: 43 | aidtech: [] 44 | 45 | affinity: 46 | podAntiAffinity: 47 | preferredDuringSchedulingIgnoredDuringExecution: 48 | - weight: 95 49 | podAffinityTerm: 50 | topologyKey: "kubernetes.io/hostname" 51 | labelSelector: 52 | matchLabels: 53 | app: hlf-ca 54 | podAffinity: 55 | requiredDuringSchedulingIgnoredDuringExecution: 56 | - labelSelector: 57 | matchLabels: 58 | app: postgresql 59 | release: ca-pg 60 | topologyKey: "kubernetes.io/hostname" 61 | -------------------------------------------------------------------------------- /examples/prod/helm_values/hlf-couchdb/cdb-peer1.yaml: -------------------------------------------------------------------------------- 1 | image: 2 | tag: 0.4.10 3 | 4 | persistence: 5 | size: 1Gi 6 | 7 | affinity: 8 | podAntiAffinity: 9 | preferredDuringSchedulingIgnoredDuringExecution: 10 | - weight: 95 11 | podAffinityTerm: 12 | topologyKey: "kubernetes.io/hostname" 13 | labelSelector: 14 | matchLabels: 15 | app: hlf-couchdb 16 | -------------------------------------------------------------------------------- /examples/prod/helm_values/hlf-couchdb/cdb-peer2.yaml: -------------------------------------------------------------------------------- 1 | image: 2 | tag: 0.4.10 3 | 4 | persistence: 5 | size: 1Gi 6 | 7 | affinity: 8 | podAntiAffinity: 9 | preferredDuringSchedulingIgnoredDuringExecution: 10 | - weight: 95 11 | podAffinityTerm: 12 | topologyKey: "kubernetes.io/hostname" 13 | labelSelector: 14 | matchLabels: 15 | app: hlf-couchdb 16 | -------------------------------------------------------------------------------- /examples/prod/helm_values/hlf-ord/ord1.yaml: -------------------------------------------------------------------------------- 1 | image: 2 | tag: 1.3.0 3 | 4 | persistence: 5 | accessMode: ReadWriteOnce 6 | size: 1Gi 7 | 8 | ord: 9 | type: kafka 10 | mspID: OrdererMSP 11 | 12 | secrets: 13 | ord: 14 | cert: hlf--ord1-idcert 15 | key: hlf--ord1-idkey 16 | caCert: hlf--ordadmin-cacert 17 | genesis: hlf--genesis 18 | adminCert: hlf--ordadmin-idcert 19 | 20 | affinity: 21 | podAntiAffinity: 22 | preferredDuringSchedulingIgnoredDuringExecution: 23 | - weight: 95 24 | podAffinityTerm: 25 | topologyKey: "kubernetes.io/hostname" 26 | labelSelector: 27 | matchLabels: 28 | app: hlf-ord 29 | -------------------------------------------------------------------------------- /examples/prod/helm_values/hlf-ord/ord2.yaml: -------------------------------------------------------------------------------- 1 | image: 2 | tag: 1.3.0 3 | 4 | persistence: 5 | accessMode: ReadWriteOnce 6 | size: 1Gi 7 | 8 | ord: 9 | type: kafka 10 | mspID: OrdererMSP 11 | 12 | secrets: 13 | ord: 14 | cert: hlf--ord2-idcert 15 | key: hlf--ord2-idkey 16 | caCert: hlf--ordadmin-cacert 17 | genesis: hlf--genesis 18 | adminCert: hlf--ordadmin-idcert 19 | 20 | affinity: 21 | podAntiAffinity: 22 | preferredDuringSchedulingIgnoredDuringExecution: 23 | - weight: 95 24 | podAffinityTerm: 25 | topologyKey: "kubernetes.io/hostname" 26 | labelSelector: 27 | matchLabels: 28 | app: hlf-ord 29 | -------------------------------------------------------------------------------- /examples/prod/helm_values/hlf-peer/peer1.yaml: -------------------------------------------------------------------------------- 1 | image: 2 | tag: 1.3.0 3 | 4 | persistence: 5 | accessMode: ReadWriteOnce 6 | size: 1Gi 7 | 8 | peer: 9 | databaseType: CouchDB 10 | couchdbInstance: cdb-peer1 11 | mspID: PeerMSP 12 | 13 | secrets: 14 | peer: 15 | cert: hlf--peer1-idcert 16 | key: hlf--peer1-idkey 17 | caCert: hlf--peeradmin-cacert 18 | channel: hlf--channel 19 | adminCert: hlf--peeradmin-idcert 20 | adminKey: hlf--peeradmin-idkey 21 | 22 | affinity: 23 | podAntiAffinity: 24 | preferredDuringSchedulingIgnoredDuringExecution: 25 | - weight: 95 26 | podAffinityTerm: 27 | topologyKey: "kubernetes.io/hostname" 28 | labelSelector: 29 | matchLabels: 30 | app: hlf-peer 31 | -------------------------------------------------------------------------------- /examples/prod/helm_values/hlf-peer/peer2.yaml: -------------------------------------------------------------------------------- 1 | image: 2 | tag: 1.3.0 3 | 4 | persistence: 5 | accessMode: ReadWriteOnce 6 | size: 1Gi 7 | 8 | peer: 9 | databaseType: CouchDB 10 | couchdbInstance: cdb-peer2 11 | mspID: PeerMSP 12 | 13 | secrets: 14 | peer: 15 | cert: hlf--peer2-idcert 16 | key: hlf--peer2-idkey 17 | # TODO: This should not be numbered 18 | caCert: hlf--peeradmin-cacert 19 | channel: hlf--channel 20 | adminCert: hlf--peeradmin-idcert 21 | adminKey: hlf--peeradmin-idkey 22 | caServerTls: ca--tls 23 | 24 | affinity: 25 | podAntiAffinity: 26 | preferredDuringSchedulingIgnoredDuringExecution: 27 | - weight: 95 28 | podAffinityTerm: 29 | topologyKey: "kubernetes.io/hostname" 30 | labelSelector: 31 | matchLabels: 32 | app: hlf-peer 33 | -------------------------------------------------------------------------------- /examples/prod/helm_values/kafka/kafka-hlf.yaml: -------------------------------------------------------------------------------- 1 | ## The StatefulSet installs 3 pods by default 2 | replicas: 4 3 | 4 | ## The kafka image repository 5 | image: "confluentinc/cp-kafka" 6 | 7 | ## The kafka image tag 8 | imageTag: "4.1.1-2" 9 | 10 | ## If RBAC is enabled on the cluster, the Kafka init container needs a service account 11 | ## with permissisions sufficient to apply pod labels 12 | rbac: 13 | enabled: true 14 | 15 | ## Pod scheduling preferences (by default keep pods within a release on separate nodes). 16 | ## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity 17 | affinity: 18 | podAntiAffinity: 19 | requiredDuringSchedulingIgnoredDuringExecution: 20 | - topologyKey: "kubernetes.io/hostname" 21 | labelSelector: 22 | matchLabels: 23 | app: kafka 24 | release: kafka-hlf 25 | podAffinity: 26 | preferredDuringSchedulingIgnoredDuringExecution: 27 | - weight: 50 28 | podAffinityTerm: 29 | topologyKey: "kubernetes.io/hostname" 30 | labelSelector: 31 | matchLabels: 32 | app: zookeeper 33 | release: kafka-hlf 34 | 35 | ## Configuration Overrides. Specify any Kafka settings you would like set on the StatefulSet 36 | ## here in map format, as defined in the official docs. 37 | ## ref: https://kafka.apache.org/documentation/#brokerconfigs 38 | ## 39 | configurationOverrides: 40 | "offsets.topic.replication.factor": 3 41 | # "auto.leader.rebalance.enable": true 42 | # "controlled.shutdown.enable": true 43 | # "controlled.shutdown.max.retries": 100 44 | "auto.create.topics.enable": true # Useful to enable the Node.js client to create topics as required 45 | 46 | # NOTE: The below are required for Hyperledger Fabric orderer to work (but last one is problematic for normal setups - best to keep separate Kafka clusters for logs/HLF) 47 | "default.replication.factor": 3 48 | "unclean.leader.election.enable": false 49 | "min.insync.replicas": 2 50 | "message.max.bytes": "103809024" # 99 * 1024 * 1024 B 51 | "replica.fetch.max.bytes": "103809024" # 99 * 1024 * 1024 B 52 | "log.retention.ms": -1 # This should be only used for the HL Fabric Orderer (which needs to keep all logs) 53 | 54 | ## Persistence configuration. Specify if and how to persist data to a persistent volume. 55 | persistence: 56 | enabled: true 57 | 58 | ## The size of the PersistentVolume to allocate to each Kafka Pod in the StatefulSet 59 | size: "1Gi" 60 | 61 | ## Prometheus Exporters / Metrics 62 | prometheus: 63 | ## Prometheus JMX Exporter: exposes the majority of Kafkas metrics 64 | jmx: 65 | enabled: true 66 | 67 | ## Prometheus Kafka Exporter: exposes complimentary metrics to JMX Exporter 68 | kafka: 69 | enabled: true 70 | 71 | # ------------------------------------------------------------------------------ 72 | # Zookeeper: 73 | # ------------------------------------------------------------------------------ 74 | zookeeper: 75 | ## If true, install the Zookeeper chart alongside Kafka 76 | ## ref: https://github.com/kubernetes/charts/tree/master/incubator/zookeeper 77 | enabled: true 78 | 79 | ## Explicitly set the number of replicas of Zookeeper 80 | replicaCount: 3 81 | 82 | ## Configure Zookeeper resource requests and limits 83 | ## ref: http://kubernetes.io/docs/user-guide/compute-resources/ 84 | resources: ~ 85 | 86 | ## The JVM heap size to allocate to Zookeeper 87 | env: 88 | ZK_HEAP_SIZE: "1G" 89 | 90 | persistence: 91 | enabled: true 92 | ## The amount of PV storage allocated to each Zookeeper pod in the statefulset 93 | size: "1Gi" 94 | 95 | ## Pod scheduling preferences (by default keep pods within a release on separate nodes). 96 | ## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity 97 | affinity: # Criteria by which pod label-values influence scheduling for zookeeper pods. 98 | podAntiAffinity: 99 | requiredDuringSchedulingIgnoredDuringExecution: 100 | - topologyKey: "kubernetes.io/hostname" 101 | labelSelector: 102 | matchLabels: 103 | app: zookeeper 104 | release: kafka-hlf 105 | -------------------------------------------------------------------------------- /examples/prod/helm_values/postgres-ca/ca-pg.yaml: -------------------------------------------------------------------------------- 1 | imageTag: "9.6.2" 2 | 3 | # postgresPassword: 4 | postgresDatabase: fabric_ca 5 | 6 | persistence: 7 | enabled: true 8 | size: 1Gi 9 | 10 | affinity: 11 | podAntiAffinity: 12 | requiredDuringSchedulingIgnoredDuringExecution: 13 | - topologyKey: "kubernetes.io/hostname" 14 | labelSelector: 15 | matchLabels: 16 | app: postgresql 17 | -------------------------------------------------------------------------------- /examples/prod/nephos_config.yaml: -------------------------------------------------------------------------------- 1 | core: 2 | # Comment out to make it work on your cluster 3 | cluster: minikube 4 | # ChartMuseum repository or directory holding charts 5 | chart_repo: stable 6 | # Directory where we hold configtx.yaml 7 | dir_config: ./examples/prod/config 8 | # Directory where we hold: 9 | # 1) cryptographic material 10 | # 2) genesis block and 11 | # 3) channel transaction 12 | dir_crypto: ./examples/prod/crypto 13 | # Directory where the Helm Chart values reside 14 | dir_values: ./examples/prod/helm_values 15 | cas: 16 | ca: 17 | namespace: cas 18 | # If testing locally on Minikube, replace this with your own self-signed certificate's PEM 19 | tls_cert: ./nephos/extras/Lets_Encrypt_Authority_X3.pem 20 | msps: 21 | OrdererMSP: 22 | ca: ca 23 | namespace: orderers 24 | org_admin: ordadmin 25 | PeerMSP: 26 | ca: ca 27 | namespace: peers 28 | org_admin: peeradmin 29 | orderers: 30 | domain: orderers.svc.cluster.local 31 | msp: OrdererMSP 32 | names: 33 | - ord1 34 | - ord2 35 | secret_genesis: hlf--genesis 36 | kafka: 37 | pod_num: 4 38 | peers: 39 | domain: peers.svc.cluster.local 40 | msp: PeerMSP 41 | names: 42 | - peer1 43 | - peer2 44 | channel_name: mychannel 45 | channel_profile: MyChannel 46 | secret_channel: hlf--channel 47 | # This is only used when we implement a Composer network 48 | composer: 49 | name: hlc 50 | secret_bna: hlc--bna 51 | secret_connection: hlc--connection 52 | -------------------------------------------------------------------------------- /examples/qa/config/configtx.yaml: -------------------------------------------------------------------------------- 1 | # Copyright IBM Corp. All Rights Reserved. 2 | # 3 | # SPDX-License-Identifier: Apache-2.0 4 | # 5 | 6 | ################################################################################ 7 | # 8 | # Section: Organizations 9 | # 10 | # - This section defines the different organizational identities which will 11 | # be referenced later in the configuration. 12 | # 13 | ################################################################################ 14 | Organizations: 15 | 16 | # SampleOrg defines an MSP using the sampleconfig. It should never be used 17 | # in production but may be used as a template for other definitions 18 | - &OrdererOrg 19 | # DefaultOrg defines the organization which is used in the sampleconfig 20 | # of the fabric.git development environment 21 | Name: OrdererOrg 22 | 23 | # ID to load the MSP definition as 24 | ID: OrdererMSP 25 | 26 | # MSPDir is the filesystem path which contains the MSP configuration 27 | MSPDir: ../crypto/OrdererMSP 28 | 29 | # turn off security for the channel 30 | AdminPrincipal: Role.MEMBER 31 | 32 | # Organization controlling both peers and Orderers 33 | - &PeerOrg 34 | Name: PeerOrg 35 | 36 | # ID to load the MSP definition as 37 | ID: PeerMSP 38 | 39 | MSPDir: ../crypto/PeerMSP 40 | 41 | # turn off security for the peer 42 | AdminPrincipal: Role.MEMBER 43 | 44 | AnchorPeers: 45 | # AnchorPeers defines the location of peers that can be used 46 | # for cross org gossip communication. Note, this value is only 47 | # encoded in the genesis block in the Application section context 48 | - Host: peer1-hlf-peer.peers.svc.cluster.local 49 | Port: 7051 50 | 51 | ################################################################################ 52 | # 53 | # SECTION: Orderer 54 | # 55 | # - This section defines the values to encode into a config transaction or 56 | # genesis block for orderer related parameters 57 | # 58 | ################################################################################ 59 | Orderer: &OrdererDefaults 60 | 61 | # Orderer Type: The orderer implementation to start 62 | # Available types are "solo" and "kafka" 63 | OrdererType: solo 64 | 65 | Addresses: 66 | - ord1-hlf-ord.orderers.svc.cluster.local:7050 67 | 68 | # Batch Timeout: The amount of time to wait before creating a batch 69 | BatchTimeout: 2s 70 | 71 | # Batch Size: Controls the number of messages batched into a block 72 | BatchSize: 73 | 74 | # Max Message Count: The maximum number of messages to permit in a batch 75 | MaxMessageCount: 10 76 | 77 | # Absolute Max Bytes: The absolute maximum number of bytes allowed for 78 | # the serialized messages in a batch. 79 | AbsoluteMaxBytes: 98 MB 80 | 81 | # Preferred Max Bytes: The preferred maximum number of bytes allowed for 82 | # the serialized messages in a batch. A message larger than the preferred 83 | # max bytes will result in a batch larger than preferred max bytes. 84 | PreferredMaxBytes: 512 KB 85 | 86 | Kafka: 87 | # Brokers: A list of Kafka brokers to which the orderer connects 88 | # If using K8S, we specify the service exposing the brokers 89 | # NOTE: Use Address/IP:port notation 90 | Brokers: 91 | - kafka-hlf.orderers.svc.cluster.local:9092 92 | 93 | # Organizations is the list of orgs which are defined as participants on 94 | # the orderer side of the network 95 | Organizations: 96 | 97 | ################################################################################ 98 | # 99 | # SECTION: Application 100 | # 101 | # - This section defines the values to encode into a config transaction or 102 | # genesis block for application related parameters 103 | # 104 | ################################################################################ 105 | Application: &ApplicationDefaults 106 | 107 | # Organizations is the list of orgs which are defined as participants on 108 | # the application side of the network 109 | Organizations: 110 | 111 | ################################################################################ 112 | # 113 | # Profile 114 | # 115 | # - Different configuration profiles may be encoded here to be specified 116 | # as parameters to the configtxgen tool 117 | # 118 | ################################################################################ 119 | Profiles: 120 | 121 | OrdererGenesis: 122 | Orderer: 123 | <<: *OrdererDefaults 124 | Organizations: 125 | - *OrdererOrg 126 | Consortiums: 127 | MyConsortium: 128 | Organizations: 129 | - *PeerOrg 130 | MyChannel: 131 | Consortium: MyConsortium 132 | Application: 133 | <<: *ApplicationDefaults 134 | Organizations: 135 | - *PeerOrg 136 | -------------------------------------------------------------------------------- /examples/qa/helm_values/hl-composer/hlc.yaml: -------------------------------------------------------------------------------- 1 | persistence: 2 | enabled: true 3 | # Required since multiple containers need to access same file system 4 | accessMode: ReadWriteMany 5 | size: 1Gi 6 | # e.g. Custom Azure storage class 7 | # Using mountOptions "0750" for dir_mode/file_mode and "1000" for uid and gid 8 | storageClass: "azurefile0permissive" 9 | 10 | cli: 11 | image: 12 | tag: 0.20.0 13 | secrets: 14 | # This should contain the packaged .bna network file. 15 | blockchainNetwork: hlc--bna 16 | adminCert: hlf--peeradmin-idcert 17 | adminKey: hlf--peeradmin-idkey 18 | hlcConnection: hlc--connection 19 | 20 | rest: 21 | image: 22 | tag: 0.20.0 23 | # Ingress for Composer REST 24 | ingress: 25 | enabled: true 26 | annotations: 27 | kubernetes.io/ingress.class: nginx 28 | certmanager.k8s.io/cluster-issuer: "letsencrypt-production" 29 | path: / 30 | hosts: 31 | - hlc-rest.nephos.aidtech-test.xyz 32 | tls: 33 | - secretName: hlc-rest--tls 34 | hosts: 35 | - hlc-rest.nephos.aidtech-test.xyz 36 | 37 | config: 38 | # Composer REST server API key 39 | #apiKey: 40 | # Card for network connection 41 | composerRestServerCard: peeradmin@test-network 42 | 43 | pg: 44 | image: 45 | tag: 0.20.0 46 | # Ingress for Composer PlayGround 47 | ingress: 48 | enabled: true 49 | annotations: 50 | kubernetes.io/ingress.class: nginx 51 | certmanager.k8s.io/cluster-issuer: "letsencrypt-production" 52 | path: / 53 | hosts: 54 | - hlc-pg.nephos.aidtech-test.xyz 55 | tls: 56 | - secretName: hl-composer-pg--tls 57 | hosts: 58 | - hlc-pg.nephos.aidtech-test.xyz 59 | -------------------------------------------------------------------------------- /examples/qa/helm_values/hlf-ca/ca.yaml: -------------------------------------------------------------------------------- 1 | image: 2 | tag: 1.3.0 3 | 4 | ingress: 5 | enabled: true 6 | annotations: 7 | kubernetes.io/ingress.class: nginx 8 | # TODO: When working locally, we may wish to comment the cluster-issuer 9 | #certmanager.k8s.io/cluster-issuer: "letsencrypt-production" 10 | path: / 11 | hosts: 12 | # TODO: Change this to your Domain Name if not working locally 13 | - ca.nephos.local 14 | tls: 15 | - secretName: ca--tls 16 | hosts: 17 | # TODO: Change this to your Domain Name if not working locally 18 | - ca.nephos.local 19 | 20 | persistence: 21 | accessMode: ReadWriteOnce 22 | size: 1Gi 23 | 24 | caName: ca 25 | 26 | externalDatabase: 27 | type: postgres 28 | host: ca-pg-postgresql 29 | username: postgres 30 | # password: 31 | database: fabric_ca 32 | port: "5432" 33 | 34 | config: 35 | hlfToolsVersion: 1.3.0 36 | csr: 37 | names: 38 | c: IE 39 | st: Dublin 40 | l: 41 | o: "AID:Tech" 42 | ou: Blockchain 43 | affiliations: 44 | aidtech: [] 45 | 46 | affinity: 47 | podAntiAffinity: 48 | preferredDuringSchedulingIgnoredDuringExecution: 49 | - weight: 95 50 | podAffinityTerm: 51 | topologyKey: "kubernetes.io/hostname" 52 | labelSelector: 53 | matchLabels: 54 | app: hlf-ca 55 | podAffinity: 56 | requiredDuringSchedulingIgnoredDuringExecution: 57 | - labelSelector: 58 | matchLabels: 59 | app: postgresql 60 | release: ca-pg 61 | topologyKey: "kubernetes.io/hostname" 62 | -------------------------------------------------------------------------------- /examples/qa/helm_values/hlf-couchdb/cdb-peer1.yaml: -------------------------------------------------------------------------------- 1 | image: 2 | tag: 0.4.10 3 | 4 | persistence: 5 | size: 1Gi 6 | 7 | affinity: 8 | podAntiAffinity: 9 | preferredDuringSchedulingIgnoredDuringExecution: 10 | - weight: 95 11 | podAffinityTerm: 12 | topologyKey: "kubernetes.io/hostname" 13 | labelSelector: 14 | matchLabels: 15 | app: hlf-couchdb 16 | -------------------------------------------------------------------------------- /examples/qa/helm_values/hlf-ord/ord1.yaml: -------------------------------------------------------------------------------- 1 | image: 2 | tag: 1.3.0 3 | 4 | persistence: 5 | accessMode: ReadWriteOnce 6 | size: 1Gi 7 | 8 | ord: 9 | type: solo 10 | mspID: OrdererMSP 11 | 12 | secrets: 13 | ord: 14 | cert: hlf--ord1-idcert 15 | key: hlf--ord1-idkey 16 | caCert: hlf--ordadmin-cacert 17 | genesis: hlf--genesis 18 | adminCert: hlf--ordadmin-idcert 19 | 20 | affinity: 21 | podAntiAffinity: 22 | preferredDuringSchedulingIgnoredDuringExecution: 23 | - weight: 95 24 | podAffinityTerm: 25 | topologyKey: "kubernetes.io/hostname" 26 | labelSelector: 27 | matchLabels: 28 | app: hlf-ord 29 | -------------------------------------------------------------------------------- /examples/qa/helm_values/hlf-peer/peer1.yaml: -------------------------------------------------------------------------------- 1 | image: 2 | tag: 1.3.0 3 | 4 | persistence: 5 | accessMode: ReadWriteOnce 6 | size: 1Gi 7 | 8 | peer: 9 | databaseType: CouchDB 10 | couchdbInstance: cdb-peer1 11 | mspID: PeerMSP 12 | 13 | secrets: 14 | peer: 15 | cert: hlf--peer1-idcert 16 | key: hlf--peer1-idkey 17 | caCert: hlf--peeradmin-cacert 18 | channel: hlf--channel 19 | adminCert: hlf--peeradmin-idcert 20 | adminKey: hlf--peeradmin-idkey 21 | 22 | affinity: 23 | podAntiAffinity: 24 | preferredDuringSchedulingIgnoredDuringExecution: 25 | - weight: 95 26 | podAffinityTerm: 27 | topologyKey: "kubernetes.io/hostname" 28 | labelSelector: 29 | matchLabels: 30 | app: hlf-peer 31 | -------------------------------------------------------------------------------- /examples/qa/helm_values/postgres-ca/ca-pg.yaml: -------------------------------------------------------------------------------- 1 | imageTag: "9.6.2" 2 | 3 | # postgresPassword: 4 | postgresDatabase: fabric_ca 5 | 6 | persistence: 7 | enabled: true 8 | size: 1Gi 9 | 10 | affinity: 11 | podAntiAffinity: 12 | requiredDuringSchedulingIgnoredDuringExecution: 13 | - topologyKey: "kubernetes.io/hostname" 14 | labelSelector: 15 | matchLabels: 16 | app: postgresql 17 | -------------------------------------------------------------------------------- /examples/qa/nephos_config.yaml: -------------------------------------------------------------------------------- 1 | core: 2 | # Comment out to make it work on your cluster 3 | cluster: minikube 4 | # ChartMuseum repository or directory holding charts 5 | chart_repo: stable 6 | # Directory where we hold configtx.yaml 7 | dir_config: ./examples/qa/config 8 | # Directory where we hold: 9 | # 1) cryptographic material 10 | # 2) genesis block and 11 | # 3) channel transaction 12 | dir_crypto: ./examples/qa/crypto 13 | # Directory where the Helm Chart values reside 14 | dir_values: ./examples/qa/helm_values 15 | cas: 16 | ca: 17 | namespace: cas 18 | # If testing locally on Minikube, we use our own self-signed certificate's PEM 19 | tls_cert: ./examples/ca-nephos-local.pem 20 | # Alternatively, if testing on a cluster with proper DNS and cert-manager... 21 | #tls_cert: ./nephos/extras/Lets_Encrypt_Authority_X3.pem 22 | msps: 23 | OrdererMSP: 24 | ca: ca 25 | namespace: orderers 26 | org_admin: ordadmin 27 | PeerMSP: 28 | ca: ca 29 | namespace: peers 30 | org_admin: peeradmin 31 | orderers: 32 | domain: orderers.svc.cluster.local 33 | msp: OrdererMSP 34 | names: 35 | - ord1 36 | secret_genesis: hlf--genesis 37 | peers: 38 | domain: peers.svc.cluster.local 39 | msp: PeerMSP 40 | names: 41 | - peer1 42 | channel_name: mychannel 43 | channel_profile: MyChannel 44 | secret_channel: hlf--channel 45 | # This is only used when we implement a Composer network 46 | composer: 47 | name: hlc 48 | secret_bna: hlc--bna 49 | secret_connection: hlc--connection 50 | -------------------------------------------------------------------------------- /integration/test_dev.py: -------------------------------------------------------------------------------- 1 | import os 2 | 3 | from nephos.fabric.settings import load_config, check_cluster 4 | from nephos.helpers.misc import execute 5 | from nephos.runners import runner_fabric 6 | 7 | CURRENT_PATH = os.path.abspath(os.path.split(__file__)[0]) 8 | 9 | 10 | class TestIntegrationDev: 11 | # We will check cluster and flatly refuse to do integration testing unless on 'minikube' 12 | CONTEXT = "minikube" 13 | CONFIG = os.path.join(CURRENT_PATH, "..", "examples", "dev", "nephos_config.yaml") 14 | 15 | def test_integration_dev(self): 16 | # Get options 17 | opts = load_config(self.CONFIG) 18 | 19 | # TODO: There should be a more elegant way of obtaining all the releases 20 | releases = ( 21 | [key for key in opts["cas"].keys()] 22 | + [key + "-pg" for key in opts["cas"].keys()] 23 | + opts["orderers"]["names"] 24 | + [("cdb-" + key) for key in opts["peers"]["names"]] 25 | + [key for key in opts["peers"]["names"]] 26 | ) 27 | 28 | # Run Fabric script 29 | check_cluster( 30 | self.CONTEXT 31 | ) # Dangerous operation, recheck we have not shifted context 32 | runner_fabric(opts) 33 | 34 | # Delete all deployments from Helm 35 | check_cluster( 36 | self.CONTEXT 37 | ) # Dangerous operation, recheck we have not shifted context 38 | execute("helm delete --purge {}".format(" ".join(releases))) 39 | 40 | # Delete the namespaces 41 | check_cluster( 42 | self.CONTEXT 43 | ) # Dangerous operation, recheck we have not shifted context 44 | execute("kubectl delete ns orderers peers".format(" ".join(releases))) 45 | -------------------------------------------------------------------------------- /integration/test_qa.py: -------------------------------------------------------------------------------- 1 | import os 2 | 3 | from nephos.fabric.settings import load_config, check_cluster 4 | from nephos.helpers.k8s import ns_create 5 | from nephos.helpers.misc import execute 6 | from nephos.runners import runner_fabric 7 | 8 | CURRENT_PATH = os.path.abspath(os.path.split(__file__)[0]) 9 | 10 | 11 | class TestIntegrationQa: 12 | # We will check cluster and flatly refuse to do integration testing unless on 'minikube' 13 | CONTEXT = "minikube" 14 | CONFIG = os.path.join(CURRENT_PATH, "..", "examples", "qa", "nephos_config.yaml") 15 | TLS_PATH = os.path.join(CURRENT_PATH, "..", "examples", "ca-nephos-local") 16 | 17 | def test_integration_qa(self): 18 | # Get options 19 | opts = load_config(self.CONFIG) 20 | 21 | # Save TLS of each CA in its relevant secret 22 | ns_create("cas") 23 | 24 | # TODO: Eventually we should enable getting path for multiple CAs programatically 25 | execute( 26 | ( 27 | "kubectl -n cas create secret tls ca--tls " 28 | + "--cert={tls_path}.crt " 29 | + "--key={tls_path}.key" 30 | ).format(tls_path=self.TLS_PATH) 31 | ) 32 | 33 | # TODO: There should be a more elegant way of obtaining all the releases 34 | releases = ( 35 | [key for key in opts["cas"].keys()] 36 | + [key + "-pg" for key in opts["cas"].keys()] 37 | + opts["orderers"]["names"] 38 | + [("cdb-" + key) for key in opts["peers"]["names"]] 39 | + [key for key in opts["peers"]["names"]] 40 | ) 41 | 42 | # Run Fabric script 43 | check_cluster( 44 | self.CONTEXT 45 | ) # Dangerous operation, recheck we have not shifted context 46 | runner_fabric(opts) 47 | 48 | # Delete all deployments from Helm 49 | check_cluster( 50 | self.CONTEXT 51 | ) # Dangerous operation, recheck we have not shifted context 52 | execute("helm delete --purge {}".format(" ".join(releases))) 53 | 54 | # Delete the namespaces 55 | check_cluster( 56 | self.CONTEXT 57 | ) # Dangerous operation, recheck we have not shifted context 58 | execute("kubectl delete ns cas orderers peers".format(" ".join(releases))) 59 | -------------------------------------------------------------------------------- /nephos/__init__.py: -------------------------------------------------------------------------------- 1 | # Copyright [2018] [Alejandro Vicente Grabovetsky via AID:Tech] 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at# 6 | # 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | 15 | from . import composer, fabric, helpers 16 | 17 | __all__ = ["composer", "fabric", "helpers"] 18 | -------------------------------------------------------------------------------- /nephos/composer/__init__.py: -------------------------------------------------------------------------------- 1 | # Copyright [2018] [Alejandro Vicente Grabovetsky via AID:Tech] 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at# 6 | # 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | 15 | from . import connection_template, install, upgrade 16 | 17 | __all__ = ["connection_template", "install", "upgrade"] 18 | -------------------------------------------------------------------------------- /nephos/composer/connection_template.py: -------------------------------------------------------------------------------- 1 | # Copyright [2018] [Alejandro Vicente Grabovetsky via AID:Tech] 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at# 6 | # 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | 15 | import json 16 | 17 | from nephos.fabric.settings import get_namespace 18 | 19 | """Connection template. 20 | 21 | This module sets up a connection_json for Hyperledger Composer. 22 | """ 23 | 24 | 25 | # TODO: We need to improve this to be better organised, and use information from Kubernetes: 26 | # TODO: Peer addresses should depend on whether we are using internal addresses only or using an ingress. 27 | # TODO: Organisation name/subdomain should be a variable 28 | # TODO: Ports should depend on whether internal/external addresses 29 | # TODO: CA Host should be obtained via Kubernetes configuration 30 | def define_orderers(orderer_names, orderer_hosts, domain=None): 31 | """Define orderers as connection objects. 32 | 33 | Args: 34 | orderer_names (list): List of orderer names. 35 | orderer_hosts (list): List of orderer hosts. 36 | domain (str): Domain used. Defaults to none. 37 | 38 | Returns: 39 | dict: A dictionary of Orderer Connections 40 | """ 41 | orderer_connections = {} 42 | for name, host in zip(orderer_names, orderer_hosts): 43 | if domain: 44 | key = "{name}.{domain}".format(name=name, domain=domain) 45 | else: 46 | key = name 47 | orderer_connections[key] = {"url": ("grpc://" + host + ":7050")} 48 | return orderer_connections 49 | 50 | 51 | def define_peers(peer_names, peer_hosts, organisation, domain=None): 52 | """Define peers as connection objects. 53 | 54 | Args: 55 | peer_names (list): List of peer names. 56 | peer_hosts (list): List of peer hosts. 57 | organisation (str): What organisation the peers belong to 58 | domain (str): Domain used. Defaults to none. 59 | 60 | Returns: 61 | tuple: A tuple of dictionaries with Peer Options and Peer Connections. 62 | """ 63 | peer_options = {} 64 | peer_connections = {} 65 | for name, host in zip(peer_names, peer_hosts): 66 | if domain: 67 | key = "{name}.{organisation}.{domain}".format( 68 | name=name, organisation=organisation, domain=domain 69 | ) 70 | else: 71 | key = name 72 | peer_options[key] = { 73 | "chaincodeQuery": True, 74 | "endorsingPeer": True, 75 | "eventSource": True, 76 | "ledgerQuery": True, 77 | } 78 | peer_connections[key] = { 79 | "url": ("grpc://" + host + ":7051"), 80 | "eventUrl": ("grpc://" + host + ":7053"), 81 | } 82 | return peer_options, peer_connections 83 | 84 | 85 | def json_ct(opts, ca_name, ca_host, organisation, domain, msp_id, channel): 86 | """JSON connection template. 87 | 88 | Args: 89 | opts (dict): Nephos options dict. 90 | ca_name (str): Name of CA for Peers. 91 | ca_host (str): CA host address. 92 | organisation (str): What organisation the peers belong to. 93 | domain (str): Domain used. 94 | msp_id (str): ID of the MSP of the peers. 95 | channel (str): Channel name. 96 | 97 | Returns: 98 | dict: A dictionary representing the JSON connection template. 99 | """ 100 | # Derive variables 101 | peer_namespace = get_namespace(opts, opts["peers"]["msp"]) 102 | ord_namespace = get_namespace(opts, opts["orderers"]["msp"]) 103 | # TODO: Currently specific to intra-cluster communication (Service) 104 | peer_hosts = [ 105 | peer + "-hlf-peer.{ns}.svc.cluster.local".format(ns=peer_namespace) 106 | for peer in opts["peers"]["names"] 107 | ] 108 | orderer_hosts = [ 109 | orderer + "-hlf-ord.{ns}.svc.cluster.local".format(ns=ord_namespace) 110 | for orderer in opts["orderers"]["names"] 111 | ] 112 | # Get peers 113 | peer_options, peer_connections = define_peers( 114 | opts["peers"]["names"], peer_hosts, organisation, domain 115 | ) 116 | peer_names = [key for key, value in peer_options.items()] 117 | # Get orderers 118 | orderer_connections = define_orderers( 119 | opts["orderers"]["names"], orderer_hosts, domain 120 | ) 121 | orderer_names = [key for key, value in orderer_connections.items()] 122 | return json.dumps( 123 | { 124 | "name": "hlfv1", 125 | "x-type": "hlfv1", 126 | "x-commitTimeout": 100, 127 | "version": "1.0.0", 128 | "client": { 129 | "organization": organisation, 130 | "connection": { 131 | "timeout": { 132 | "peer": { 133 | "endorser": "300", 134 | "eventHub": "300", 135 | "eventReg": "300", 136 | }, 137 | "orderer": "300", 138 | } 139 | }, 140 | }, 141 | "channels": {channel: {"orderers": orderer_names, "peers": peer_options}}, 142 | "organizations": { 143 | organisation: { 144 | "mspid": msp_id, 145 | "peers": peer_names, 146 | "certificateAuthorities": [ca_name], 147 | } 148 | }, 149 | "orderers": orderer_connections, 150 | "peers": peer_connections, 151 | "certificateAuthorities": { 152 | ca_name: { 153 | "url": ("https://" + ca_host + ":443"), 154 | "caName": ca_name, 155 | # TODO: Ideally this should be set to True 156 | "httpOptions": {"verify": False}, 157 | } 158 | }, 159 | } 160 | ) 161 | -------------------------------------------------------------------------------- /nephos/composer/upgrade.py: -------------------------------------------------------------------------------- 1 | #! /usr/bin/env python 2 | 3 | # Copyright [2018] [Alejandro Vicente Grabovetsky via AID:Tech] 4 | # 5 | # Licensed under the Apache License, Version 2.0 (the "License"); 6 | # you may not use this file except in compliance with the License. 7 | # You may obtain a copy of the License at# 8 | # 9 | # http://www.apache.org/licenses/LICENSE-2.0 10 | # 11 | # Unless required by applicable law or agreed to in writing, software 12 | # distributed under the License is distributed on an "AS IS" BASIS, 13 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | # See the License for the specific language governing permissions and 15 | # limitations under the License. 16 | 17 | import os 18 | 19 | from nephos.fabric.settings import get_namespace 20 | from nephos.fabric.utils import get_pod 21 | from nephos.helpers.k8s import secret_from_file 22 | 23 | CURRENT_DIR = os.path.abspath(os.path.split(__file__)[0]) 24 | 25 | 26 | def upgrade_network(opts, verbose=False): 27 | """Upgrade Hyperledger Composer network. 28 | 29 | Args: 30 | opts (dict): Nephos options dict. 31 | verbose (bool): Verbosity. False by default. 32 | """ 33 | peer_namespace = get_namespace(opts, opts["peers"]["msp"]) 34 | secret_from_file( 35 | secret=opts["composer"]["secret_bna"], namespace=peer_namespace, verbose=verbose 36 | ) 37 | # Set up the PeerAdmin card 38 | hlc_cli_ex = get_pod(peer_namespace, "hlc", "hl-composer", verbose=verbose) 39 | 40 | bna, _ = hlc_cli_ex.execute("ls /hl_config/blockchain_network") 41 | bna_name, bna_rem = bna.split("_") 42 | bna_version, _ = bna_rem.split(".bna") 43 | peer_msp = opts["peers"]["msp"] 44 | bna_admin = opts["msps"][peer_msp]["org_admin"] 45 | 46 | res, _ = hlc_cli_ex.execute( 47 | "composer network ping --card {bna_admin}@{bna_name}".format( 48 | bna_admin=bna_admin, bna_name=bna_name 49 | ) 50 | ) 51 | 52 | curr_version = (res.split("Business network version: ")[1]).split()[0] 53 | print(curr_version) 54 | 55 | if curr_version != bna_version: 56 | hlc_cli_ex.execute( 57 | ( 58 | "composer network install --card PeerAdmin@hlfv1 " 59 | + "--archiveFile /hl_config/blockchain_network/{bna}" 60 | ).format(bna=bna) 61 | ) 62 | hlc_cli_ex.execute( 63 | ( 64 | "composer network upgrade " 65 | + "--card PeerAdmin@hlfv1 " 66 | + "--networkName {bna_name} --networkVersion {bna_version}" 67 | ).format(bna_name=bna_name, bna_version=bna_version) 68 | ) 69 | res, _ = hlc_cli_ex.execute( 70 | "composer network ping --card {bna_admin}@{bna_name}".format( 71 | bna_admin=bna_admin, bna_name=bna_name 72 | ) 73 | ) 74 | curr_version = (res.split("Business network version: ")[1]).split()[0] 75 | print("Upgraded to {version}".format(version=curr_version)) 76 | -------------------------------------------------------------------------------- /nephos/deploy.py: -------------------------------------------------------------------------------- 1 | #! /usr/bin/env python 2 | 3 | # Copyright [2018] [Alejandro Vicente Grabovetsky via AID:Tech] 4 | # 5 | # Licensed under the Apache License, Version 2.0 (the "License"); 6 | # you may not use this file except in compliance with the License. 7 | # You may obtain a copy of the License at# 8 | # 9 | # http://www.apache.org/licenses/LICENSE-2.0 10 | # 11 | # Unless required by applicable law or agreed to in writing, software 12 | # distributed under the License is distributed on an "AS IS" BASIS, 13 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | # See the License for the specific language governing permissions and 15 | # limitations under the License. 16 | 17 | import json 18 | 19 | import click 20 | from blessings import Terminal 21 | 22 | from nephos.runners import ( 23 | runner_ca, 24 | runner_composer, 25 | runner_composer_up, 26 | runner_crypto, 27 | runner_deploy, 28 | runner_fabric, 29 | runner_orderer, 30 | runner_peer, 31 | ) 32 | 33 | from nephos.fabric.settings import load_config 34 | 35 | 36 | TERM = Terminal() 37 | 38 | 39 | class Settings(object): 40 | def __init__(self, settings_file, upgrade, verbose): 41 | self.settings_file = settings_file 42 | self.upgrade = upgrade 43 | self.verbose = verbose 44 | 45 | 46 | pass_settings = click.make_pass_decorator(Settings, ensure=True) 47 | 48 | 49 | @click.group( 50 | help=TERM.green("Nephos helps you install Hyperledger Fabric on Kubernetes") 51 | ) 52 | @click.option( 53 | "--settings_file", 54 | "-f", 55 | required=True, 56 | help=TERM.cyan("YAML file containing HLF options"), 57 | ) 58 | @click.option( 59 | "--upgrade", 60 | "-u", 61 | is_flag=True, 62 | default=False, 63 | help=TERM.cyan("Do we wish to upgrade already installed components?"), 64 | ) 65 | @click.option( 66 | "--verbose/--quiet", 67 | "-v/-q", 68 | default=False, 69 | help=TERM.cyan("Do we want verbose output?"), 70 | ) 71 | @click.pass_context 72 | def cli(ctx, settings_file, upgrade, verbose): 73 | ctx.obj = Settings(settings_file, upgrade, verbose) 74 | 75 | 76 | @cli.command(help=TERM.cyan("Install Hyperledger Fabric Certificate Authorities")) 77 | @pass_settings 78 | def cert_auth(settings): 79 | opts = load_config(settings.settings_file) 80 | runner_ca(opts, upgrade=settings.upgrade, verbose=settings.verbose) 81 | 82 | 83 | @cli.command(help=TERM.cyan("Install Hyperledger Composer")) 84 | @pass_settings 85 | def composer(settings): 86 | opts = load_config(settings.settings_file) 87 | runner_composer(opts, upgrade=settings.upgrade, verbose=settings.verbose) 88 | 89 | 90 | @cli.command(help=TERM.cyan("Upgrade Hyperledger Composer")) 91 | @pass_settings 92 | def composer_up(settings): 93 | opts = load_config(settings.settings_file) 94 | runner_composer_up(opts, verbose=settings.verbose) 95 | 96 | 97 | @cli.command(help=TERM.cyan("Obtain cryptographic materials from CAs")) 98 | @pass_settings 99 | def crypto(settings): 100 | opts = load_config(settings.settings_file) 101 | runner_crypto(opts, verbose=settings.verbose) 102 | 103 | 104 | # TODO: Can we compose several CLI commands here to avoid copied code? 105 | @cli.command(help=TERM.cyan("Install end-to-end Fabric/Composer network")) 106 | @pass_settings 107 | def deploy(settings): 108 | opts = load_config(settings.settings_file) 109 | runner_deploy(opts, upgrade=settings.upgrade, verbose=settings.verbose) 110 | 111 | 112 | @cli.command(help=TERM.cyan("Install end-to-end Hyperledger Fabric network")) 113 | @pass_settings 114 | def fabric(settings): 115 | opts = load_config(settings.settings_file) 116 | runner_fabric(opts, upgrade=settings.upgrade, verbose=settings.verbose) 117 | 118 | 119 | @cli.command(help=TERM.cyan("Install Hyperledger Fabric Orderers")) 120 | @pass_settings 121 | def orderer(settings): 122 | opts = load_config(settings.settings_file) 123 | runner_orderer(opts, upgrade=settings.upgrade, verbose=settings.verbose) 124 | 125 | 126 | @cli.command(help=TERM.cyan("Install Hyperledger Fabric Peers")) 127 | @pass_settings 128 | def peer(settings): 129 | opts = load_config(settings.settings_file) 130 | runner_peer(opts, upgrade=settings.upgrade, verbose=settings.verbose) 131 | 132 | 133 | @cli.command(help=TERM.cyan('Load "nephos" settings YAML file')) 134 | @pass_settings 135 | def settings(settings): 136 | data = load_config(settings.settings_file) 137 | print("Settings successfully loaded...\n") 138 | if settings.verbose: 139 | # TODO: Pretty print & colorise output 140 | print(json.dumps(data, indent=4)) 141 | 142 | 143 | if __name__ == "__main__": # pragma: no cover 144 | cli(obj={}) 145 | -------------------------------------------------------------------------------- /nephos/extras/Lets_Encrypt_Authority_X3.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIIEkjCCA3qgAwIBAgIQCgFBQgAAAVOFc2oLheynCDANBgkqhkiG9w0BAQsFADA/ 3 | MSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT 4 | DkRTVCBSb290IENBIFgzMB4XDTE2MDMxNzE2NDA0NloXDTIxMDMxNzE2NDA0Nlow 5 | SjELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUxldCdzIEVuY3J5cHQxIzAhBgNVBAMT 6 | GkxldCdzIEVuY3J5cHQgQXV0aG9yaXR5IFgzMIIBIjANBgkqhkiG9w0BAQEFAAOC 7 | AQ8AMIIBCgKCAQEAnNMM8FrlLke3cl03g7NoYzDq1zUmGSXhvb418XCSL7e4S0EF 8 | q6meNQhY7LEqxGiHC6PjdeTm86dicbp5gWAf15Gan/PQeGdxyGkOlZHP/uaZ6WA8 9 | SMx+yk13EiSdRxta67nsHjcAHJyse6cF6s5K671B5TaYucv9bTyWaN8jKkKQDIZ0 10 | Z8h/pZq4UmEUEz9l6YKHy9v6Dlb2honzhT+Xhq+w3Brvaw2VFn3EK6BlspkENnWA 11 | a6xK8xuQSXgvopZPKiAlKQTGdMDQMc2PMTiVFrqoM7hD8bEfwzB/onkxEz0tNvjj 12 | /PIzark5McWvxI0NHWQWM6r6hCm21AvA2H3DkwIDAQABo4IBfTCCAXkwEgYDVR0T 13 | AQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAYYwfwYIKwYBBQUHAQEEczBxMDIG 14 | CCsGAQUFBzABhiZodHRwOi8vaXNyZy50cnVzdGlkLm9jc3AuaWRlbnRydXN0LmNv 15 | bTA7BggrBgEFBQcwAoYvaHR0cDovL2FwcHMuaWRlbnRydXN0LmNvbS9yb290cy9k 16 | c3Ryb290Y2F4My5wN2MwHwYDVR0jBBgwFoAUxKexpHsscfrb4UuQdf/EFWCFiRAw 17 | VAYDVR0gBE0wSzAIBgZngQwBAgEwPwYLKwYBBAGC3xMBAQEwMDAuBggrBgEFBQcC 18 | ARYiaHR0cDovL2Nwcy5yb290LXgxLmxldHNlbmNyeXB0Lm9yZzA8BgNVHR8ENTAz 19 | MDGgL6AthitodHRwOi8vY3JsLmlkZW50cnVzdC5jb20vRFNUUk9PVENBWDNDUkwu 20 | Y3JsMB0GA1UdDgQWBBSoSmpjBH3duubRObemRWXv86jsoTANBgkqhkiG9w0BAQsF 21 | AAOCAQEA3TPXEfNjWDjdGBX7CVW+dla5cEilaUcne8IkCJLxWh9KEik3JHRRHGJo 22 | uM2VcGfl96S8TihRzZvoroed6ti6WqEBmtzw3Wodatg+VyOeph4EYpr/1wXKtx8/ 23 | wApIvJSwtmVi4MFU5aMqrSDE6ea73Mj2tcMyo5jMd6jmeWUHK8so/joWUoHOUgwu 24 | X4Po1QYz+3dszkDqMp4fklxBwXRsW10KXzPMTZ+sOPAveyxindmjkW8lGy+QsRlG 25 | PfZ+G6Z6h7mjem0Y+iWlkYcV4PIWL1iwBi8saCbGS5jN2p8M+X+Q7UNKEkROb3N6 26 | KOqkqm57TH2H3eDJAkSnh6/DNFu0Qg== 27 | -----END CERTIFICATE----- 28 | -------------------------------------------------------------------------------- /nephos/extras/helm-rbac.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ServiceAccount 3 | metadata: 4 | name: tiller 5 | namespace: kube-system 6 | --- 7 | apiVersion: rbac.authorization.k8s.io/v1beta1 8 | kind: ClusterRoleBinding 9 | metadata: 10 | name: tiller 11 | roleRef: 12 | apiGroup: rbac.authorization.k8s.io 13 | kind: ClusterRole 14 | name: cluster-admin 15 | subjects: 16 | - kind: ServiceAccount 17 | name: tiller 18 | namespace: kube-system 19 | -------------------------------------------------------------------------------- /nephos/fabric/__init__.py: -------------------------------------------------------------------------------- 1 | # Copyright [2018] [Alejandro Vicente Grabovetsky via AID:Tech] 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at# 6 | # 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | 15 | from . import ca, crypto, ord, peer, settings, utils 16 | 17 | __all__ = ["ca", "crypto", "ord", "peer", "settings", "utils"] 18 | -------------------------------------------------------------------------------- /nephos/fabric/ca.py: -------------------------------------------------------------------------------- 1 | # Copyright [2018] [Alejandro Vicente Grabovetsky via AID:Tech] 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at# 6 | # 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | 15 | from os import path 16 | from time import sleep 17 | 18 | from kubernetes.client.rest import ApiException 19 | from nephos.fabric.settings import get_namespace 20 | from nephos.fabric.utils import get_pod 21 | from nephos.helpers.helm import HelmPreserve, helm_install, helm_upgrade 22 | from nephos.helpers.k8s import ingress_read, secret_read 23 | from nephos.helpers.misc import execute_until_success 24 | 25 | CURRENT_DIR = path.abspath(path.split(__file__)[0]) 26 | 27 | 28 | # Core sub-functions 29 | def ca_chart(opts, release, upgrade=False, verbose=False): 30 | """Deploy CA Helm chart to K8S. 31 | 32 | Args: 33 | opts (dict): Nephos options dict. 34 | release (str): Name of the Helm Chart release. 35 | upgrade (bool): Do we upgrade the deployment? False by default. 36 | verbose (bool): Verbosity. False by default. 37 | """ 38 | values_dir = opts["core"]["dir_values"] 39 | repository = opts["core"]["chart_repo"] 40 | ca_namespace = get_namespace(opts, ca=release) 41 | # PostgreSQL (Upgrades here are dangerous, deactivated by default) 42 | helm_install( 43 | "stable", 44 | "postgresql", 45 | "{}-pg".format(release), 46 | ca_namespace, 47 | config_yaml="{dir}/postgres-ca/{name}-pg.yaml".format( 48 | dir=values_dir, name=release 49 | ), 50 | verbose=verbose, 51 | ) 52 | psql_secret = secret_read( 53 | "{}-pg-postgresql".format(release), ca_namespace, verbose=verbose 54 | ) 55 | # Different key depending of PostgreSQL version 56 | psql_password = ( 57 | psql_secret.get("postgres-password") or psql_secret["postgresql-password"] 58 | ) 59 | env_vars = [("externalDatabase.password", psql_password)] 60 | # Fabric CA 61 | if not upgrade: 62 | helm_install( 63 | repository, 64 | "hlf-ca", 65 | release, 66 | ca_namespace, 67 | config_yaml="{dir}/hlf-ca/{name}.yaml".format(dir=values_dir, name=release), 68 | env_vars=env_vars, 69 | verbose=verbose, 70 | ) 71 | else: 72 | # TODO: Remove this try/catch once all CAs are updated 73 | try: 74 | preserve = ( 75 | HelmPreserve("{}-hlf-ca".format(release), "CA_ADMIN", "adminUsername"), 76 | HelmPreserve( 77 | "{}-hlf-ca".format(release), "CA_PASSWORD", "adminPassword" 78 | ), 79 | ) 80 | helm_upgrade( 81 | repository, 82 | "hlf-ca", 83 | release, 84 | ca_namespace, 85 | config_yaml="{dir}/hlf-ca/{name}.yaml".format( 86 | dir=values_dir, name=release 87 | ), 88 | env_vars=env_vars, 89 | preserve=preserve, 90 | verbose=verbose, 91 | ) 92 | except: 93 | preserve = ( 94 | HelmPreserve( 95 | "{}-hlf-ca--ca".format(release), "CA_ADMIN", "adminUsername" 96 | ), 97 | HelmPreserve( 98 | "{}-hlf-ca--ca".format(release), "CA_PASSWORD", "adminPassword" 99 | ), 100 | ) 101 | helm_upgrade( 102 | repository, 103 | "hlf-ca", 104 | release, 105 | ca_namespace, 106 | config_yaml="{dir}/hlf-ca/{name}.yaml".format( 107 | dir=values_dir, name=release 108 | ), 109 | env_vars=env_vars, 110 | preserve=preserve, 111 | verbose=verbose, 112 | ) 113 | 114 | 115 | def ca_enroll(pod_exec): 116 | """Enroll CA. 117 | 118 | Enroll the Certificate Authority (CA) identity within the running CA pod. 119 | This is a necessary step for the CA to function. 120 | 121 | Args: 122 | pod_exec: A pod executor instance bound to the CA. 123 | """ 124 | alive = False 125 | while not alive: 126 | res = pod_exec.logs() 127 | if "Listening on" in res: 128 | alive = True 129 | else: 130 | sleep(15) 131 | # Enroll CA Admin if necessary 132 | ca_cert, _ = pod_exec.execute( 133 | "cat /var/hyperledger/fabric-ca/msp/signcerts/cert.pem" 134 | ) 135 | if not ca_cert: 136 | enrolled_id = False 137 | while not enrolled_id: 138 | res, err = pod_exec.execute( 139 | "bash -c 'fabric-ca-client enroll -d -u http://$CA_ADMIN:$CA_PASSWORD@$SERVICE_DNS:7054'" 140 | ) 141 | if not err: 142 | enrolled_id = True 143 | else: 144 | sleep(15) 145 | 146 | 147 | def check_ca(ingress_host, cacert=None, verbose=False): 148 | """Check that the CA Ingress is responsive. 149 | 150 | Args: 151 | ingress_host (str): Ingress host for the CA. 152 | cacert (str): Path of the CA cert. 153 | verbose (bool): Verbosity. False by default. 154 | """ 155 | # Check that CA ingress is operational 156 | command = "curl https://{ingress}/cainfo".format(ingress=ingress_host) 157 | if cacert: 158 | command += " --cacert {}".format(cacert) 159 | execute_until_success(command, verbose=verbose) 160 | 161 | 162 | # Runner 163 | def setup_ca(opts, upgrade=False, verbose=False): 164 | """Setup CA. 165 | 166 | Setup involves enrolling the CA admin, checking the Ingress 167 | is responsive. 168 | 169 | Args: 170 | opts (dict): Nephos options dict. 171 | upgrade (bool): Do we upgrade the deployment? False by default. 172 | verbose (bool): Verbosity. False by default. 173 | """ 174 | for ca_name, ca_values in opts["cas"].items(): 175 | ca_namespace = get_namespace(opts, ca=ca_name) 176 | # Install Charts 177 | ca_chart(opts=opts, release=ca_name, upgrade=upgrade, verbose=verbose) 178 | 179 | # Obtain CA pod and Enroll 180 | pod_exec = get_pod( 181 | namespace=ca_namespace, release=ca_name, app="hlf-ca", verbose=verbose 182 | ) 183 | ca_enroll(pod_exec) 184 | 185 | # Get CA Ingress and check it is running 186 | try: 187 | # Get ingress of CA 188 | ingress_urls = ingress_read( 189 | ca_name + "-hlf-ca", namespace=ca_namespace, verbose=verbose 190 | ) 191 | except ApiException: 192 | print("No ingress found for CA") 193 | continue 194 | 195 | # Check the CA is running 196 | check_ca( 197 | ingress_host=ingress_urls[0], 198 | cacert=ca_values.get("tls_cert"), 199 | verbose=verbose, 200 | ) 201 | -------------------------------------------------------------------------------- /nephos/fabric/ord.py: -------------------------------------------------------------------------------- 1 | # Copyright [2018] [Alejandro Vicente Grabovetsky via AID:Tech] 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at# 6 | # 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | 15 | from time import sleep 16 | 17 | from nephos.fabric.utils import get_pod 18 | from nephos.fabric.settings import get_namespace 19 | from nephos.helpers.helm import helm_install, helm_upgrade 20 | from nephos.helpers.misc import execute 21 | 22 | 23 | def check_ord(namespace, release, verbose=False): 24 | """Check if Orderer is running. 25 | 26 | Args: 27 | namespace (str): Namespace where Orderer is located. 28 | release (str): Name of Orderer Helm release. 29 | verbose (bool): Verbosity. False by default. 30 | 31 | Returns: 32 | bool: True once Orderer is correctly running. 33 | """ 34 | pod_exec = get_pod( 35 | namespace=namespace, release=release, app="hlf-ord", verbose=verbose 36 | ) 37 | res = pod_exec.logs(1000) 38 | if "fetching metadata for all topics from broker" in res: 39 | return True 40 | while True: 41 | if "Starting orderer" in res: 42 | return True 43 | else: 44 | sleep(15) 45 | res = pod_exec.logs(1000) 46 | 47 | 48 | # TODO: We need a similar check to see if Peer uses client TLS as well 49 | def check_ord_tls(opts, verbose=False): 50 | """Check TLS status of Orderer. 51 | 52 | Args: 53 | opts (dict): Nephos options dict. 54 | verbose (bool): Verbosity. False by default. 55 | 56 | Returns: 57 | bool: True if TLS is enabled, False if TLS is disabled. 58 | """ 59 | ord_namespace = get_namespace(opts, opts["orderers"]["msp"]) 60 | ord_tls, _ = execute( 61 | ( 62 | "kubectl get cm -n {ns} " 63 | + '{release}-hlf-ord--ord -o jsonpath="{{.data.ORDERER_GENERAL_TLS_ENABLED}}"' 64 | ).format(ns=ord_namespace, release=opts["orderers"]["names"][0]), 65 | verbose=verbose, 66 | ) 67 | return ord_tls == "true" 68 | 69 | 70 | def setup_ord(opts, upgrade=False, verbose=False): 71 | """Setup Orderer on K8S. 72 | 73 | Args: 74 | opts (dict): Nephos options dict. 75 | upgrade (bool): Do we upgrade the deployment? False by default. 76 | verbose (bool): Verbosity. False by default. 77 | """ 78 | ord_namespace = get_namespace(opts, opts["orderers"]["msp"]) 79 | # Kafka 80 | if "kafka" in opts["orderers"]: 81 | # Kafka upgrade is risky, so we disallow it by default 82 | helm_install( 83 | "incubator", 84 | "kafka", 85 | "kafka-hlf", 86 | ord_namespace, 87 | config_yaml="{dir}/kafka/kafka-hlf.yaml".format( 88 | dir=opts["core"]["dir_values"] 89 | ), 90 | pod_num=opts["orderers"]["kafka"]["pod_num"], 91 | verbose=verbose, 92 | ) 93 | 94 | for release in opts["orderers"]["names"]: 95 | # HL-Ord 96 | if not upgrade: 97 | helm_install( 98 | opts["core"]["chart_repo"], 99 | "hlf-ord", 100 | release, 101 | ord_namespace, 102 | config_yaml="{dir}/hlf-ord/{name}.yaml".format( 103 | dir=opts["core"]["dir_values"], name=release 104 | ), 105 | verbose=verbose, 106 | ) 107 | else: 108 | helm_upgrade( 109 | opts["core"]["chart_repo"], 110 | "hlf-ord", 111 | release, 112 | ord_namespace, 113 | config_yaml="{dir}/hlf-ord/{name}.yaml".format( 114 | dir=opts["core"]["dir_values"], name=release 115 | ), 116 | verbose=verbose, 117 | ) 118 | # Check that Orderer is running 119 | check_ord(ord_namespace, release, verbose=verbose) 120 | -------------------------------------------------------------------------------- /nephos/fabric/settings.py: -------------------------------------------------------------------------------- 1 | # Copyright [2018] [Alejandro Vicente Grabovetsky via AID:Tech] 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at# 6 | # 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | 15 | from collections import OrderedDict 16 | from os import path 17 | 18 | import yaml 19 | 20 | from nephos.helpers.k8s import context_get 21 | 22 | 23 | # YAML module will load data using an OrderedDict 24 | def dict_constructor(loader, node): 25 | return OrderedDict(loader.construct_pairs(node)) 26 | 27 | 28 | def dict_representer(dumper, data): 29 | return dumper.represent_dict(data.items()) 30 | 31 | 32 | yaml.add_representer(OrderedDict, dict_representer) 33 | yaml.add_constructor(yaml.resolver.BaseResolver.DEFAULT_MAPPING_TAG, dict_constructor) 34 | 35 | 36 | def check_cluster(cluster_name): 37 | """Check that we are using the correct K8S cluster. 38 | 39 | Args: 40 | cluster_name (str): Name of K8S cluster. 41 | """ 42 | context = context_get() 43 | if context["context"]["cluster"] != cluster_name: 44 | message = "We expect to use cluster {}, but are instead using cluster {}".format( 45 | cluster_name, context["context"]["cluster"] 46 | ) 47 | raise ValueError(message) 48 | 49 | 50 | def get_namespace(opts, msp=None, ca=None): 51 | """Get relevant namespace where MSP or CA should be located. 52 | 53 | Args: 54 | opts (dict): Nephos options dict. 55 | msp (str): Name of Membership Service Provider (MSP). 56 | ca (str): Name of Certificate Authority (CA). 57 | 58 | Returns: 59 | str: Namespace relating to either an MSP or a CA. 60 | """ 61 | if msp is not None: 62 | if "msps" in opts and msp in opts["msps"]: 63 | msp_values = opts["msps"][msp] 64 | else: 65 | raise KeyError('Settings dict does not contain MSP "{}"'.format(msp)) 66 | if "namespace" in msp_values: 67 | # Specific MSP-based namespace 68 | return msp_values["namespace"] 69 | elif ca is not None: 70 | if "cas" in opts and ca in opts["cas"]: 71 | ca_values = opts["cas"][ca] 72 | else: 73 | raise KeyError('Settings dict does not contain CA "{}"'.format(ca)) 74 | if "namespace" in ca_values: 75 | # Specific MSP-based namespace 76 | return ca_values["namespace"] 77 | # Default case is to return core namespace 78 | return opts["core"]["namespace"] 79 | 80 | 81 | def load_config(settings_file): 82 | """Load configuration from Nephos options/settings YAML file. 83 | 84 | Args: 85 | settings_file (str): Name of YAML file containing Nephos options/settings. 86 | 87 | Returns: 88 | dict: Nephos options/settings. 89 | """ 90 | with open(settings_file) as f: 91 | data = yaml.safe_load(f) 92 | if "cluster" in data["core"]: 93 | check_cluster(data["core"]["cluster"]) 94 | if path.isdir(data["core"]["chart_repo"]): 95 | # TODO: This abspath/expanduser combo can be refactored to another function 96 | data["core"]["chart_repo"] = path.abspath( 97 | path.expanduser(data["core"]["chart_repo"]) 98 | ) 99 | data["core"]["dir_config"] = path.abspath( 100 | path.expanduser(data["core"]["dir_config"]) 101 | ) 102 | data["core"]["dir_crypto"] = path.abspath( 103 | path.expanduser(data["core"]["dir_crypto"]) 104 | ) 105 | data["core"]["dir_values"] = path.abspath( 106 | path.expanduser(data["core"]["dir_values"]) 107 | ) 108 | return data 109 | -------------------------------------------------------------------------------- /nephos/fabric/utils.py: -------------------------------------------------------------------------------- 1 | # Copyright [2018] [Alejandro Vicente Grabovetsky via AID:Tech] 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at# 6 | # 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | 15 | from glob import glob 16 | from os import path 17 | 18 | from kubernetes.client.rest import ApiException 19 | 20 | from nephos.helpers.k8s import Executer, secret_create, secret_from_file, secret_read 21 | from nephos.helpers.misc import execute, rand_string 22 | 23 | 24 | def credentials_secret(secret_name, namespace, username, password=None, verbose=False): 25 | """Create a CA credentials secret. 26 | 27 | Args: 28 | secret_name (str): Name of secret. 29 | namespace (str): Namespace for secret to be located. 30 | username (str): Username for credentials secret. 31 | password (str): Password for credentials secret. 32 | verbose (bool): Verbosity. False by default. 33 | 34 | Returns: 35 | dict: Secret data including "CA_USERNAME" and "CA_PASSWORD" 36 | """ 37 | try: 38 | secret_data = secret_read(secret_name, namespace, verbose=verbose) 39 | # Check that the ID stored is the same as Orderer name 40 | # TODO: Remove asserts here, instead raise error 41 | assert username == secret_data["CA_USERNAME"] 42 | if password: 43 | assert password == secret_data["CA_PASSWORD"] 44 | except ApiException: 45 | # Get relevant variables 46 | if not password: 47 | password = rand_string(24) 48 | secret_data = {"CA_USERNAME": username, "CA_PASSWORD": password} 49 | secret_create(secret_data, secret_name, namespace) 50 | return secret_data 51 | 52 | 53 | def crypto_secret(secret_name, namespace, file_path, key, verbose=False): 54 | """Create a crypto-material secret. 55 | 56 | Args: 57 | secret_name (str): Name of secret. 58 | namespace (str): Namespace for secret to be located. 59 | file_path (str): Path to file we want to store as a secret. 60 | key (str): Key (file) name of secret we want to store as a secret. 61 | verbose (bool): Verbosity. False by default. 62 | """ 63 | secret_files = glob(path.join(file_path, "*")) 64 | if len(secret_files) != 1: 65 | raise Exception("We should only find one file in this directory") 66 | secret_from_file( 67 | secret=secret_name, 68 | namespace=namespace, 69 | key=key, 70 | filename=secret_files[0], 71 | verbose=verbose, 72 | ) 73 | 74 | 75 | def get_pod(namespace, release, app, verbose=False): 76 | """Get a pod object from K8S. 77 | 78 | Args: 79 | namespace (str): Namespace where pod is located. 80 | release (str): Release name of pod. 81 | app (str): App type of pod. 82 | verbose (bool): Verbosity. False by default. 83 | 84 | Returns: 85 | Executer: A pod object able to execute commands and return logs. 86 | """ 87 | node_pod, _ = execute( 88 | ( 89 | 'kubectl get pods -n {ns} -l "app={app},release={release}" ' 90 | + '-o jsonpath="{{.items[0].metadata.name}}"' 91 | ).format(ns=namespace, app=app, release=release), 92 | verbose=verbose, 93 | ) 94 | if not node_pod: 95 | raise ValueError('"node_pod" should contain a value') 96 | pod_ex = Executer(node_pod, namespace=namespace, verbose=verbose) 97 | return pod_ex 98 | -------------------------------------------------------------------------------- /nephos/helpers/__init__.py: -------------------------------------------------------------------------------- 1 | from . import helm, k8s, misc 2 | 3 | __all__ = ["helm", "k8s", "misc"] 4 | -------------------------------------------------------------------------------- /nephos/helpers/misc.py: -------------------------------------------------------------------------------- 1 | from __future__ import print_function 2 | 3 | import random 4 | from builtins import input 5 | from getpass import getpass 6 | from os.path import isfile, split 7 | import re 8 | from string import ascii_letters, digits 9 | from subprocess import check_output, STDOUT, CalledProcessError 10 | import time 11 | 12 | from blessings import Terminal 13 | from pygments import highlight 14 | from pygments.lexers import JsonLexer 15 | from pygments.formatters import TerminalFormatter 16 | 17 | t = Terminal() 18 | 19 | 20 | def execute(command, verbose=False, show_command=True, show_errors=True): 21 | """Execute an arbitrary command line command. 22 | 23 | Args: 24 | command (str): Command to execute. 25 | verbose (bool): Verbosity. False by default. 26 | show_command (bool): Do we display the command? True by default. 27 | show_errors (bool): Do we display errors? True by default. 28 | 29 | Returns: 30 | tuple: 2-tuple of execution info: 31 | 1) result of the command, if successful, None if not; 32 | 2) and error, if command failed, None if not. 33 | """ 34 | if show_command: 35 | print(t.magenta(command)) 36 | try: 37 | # TODO: Can we do this with a different command than check_output (Bandit security issue) 38 | result = check_output(command, stderr=STDOUT, shell=True) 39 | decoded = result.decode("utf-8") 40 | if verbose: 41 | print(decoded) 42 | return decoded, None 43 | except CalledProcessError as e: 44 | error_text = e.output.decode("utf-8") 45 | if show_errors: 46 | print(t.red("Command failed with CalledProcessError:")) 47 | print(error_text) 48 | return None, error_text 49 | 50 | 51 | def execute_until_success(command, verbose=False, delay=15): 52 | """Execute a command until it is successful. 53 | 54 | Args: 55 | command (str): Command to execute. 56 | verbose (bool): Verbosity. False by default. 57 | delay (int): Delay in seconds between each unsuccessful attempt. 58 | 59 | Returns: 60 | str: result of the command 61 | """ 62 | res = None 63 | first_pass = True 64 | while not res: 65 | res, _ = execute( 66 | command, 67 | show_command=first_pass, 68 | verbose=verbose and first_pass, 69 | show_errors=first_pass, 70 | ) 71 | first_pass = False 72 | if not res: 73 | print(t.red("."), end="", flush=True) 74 | time.sleep(delay) 75 | else: 76 | if verbose: 77 | print(res) 78 | return res 79 | 80 | 81 | def input_files(keys, clean_key=False): 82 | """Read a set of filenames and return data from them. 83 | 84 | Args: 85 | keys (tuple): Tuple of keys 86 | clean_key (bool): Do we clean the key to replace non-alphanumeric symbols with an underscore? False by default. 87 | 88 | Returns: 89 | dict: Data from each file assigned to its relevant key. 90 | """ 91 | data = {} 92 | input_text = "Input {key}" 93 | for key in keys: 94 | # TODO: This could be its own function. 95 | is_file = False 96 | while not is_file: 97 | filename = get_response(input_text.format(key=key)) 98 | is_file = isfile(filename) 99 | if not is_file: 100 | print("{} is not a file".format(filename)) 101 | if key is None: 102 | key = split(filename)[1] 103 | if clean_key: 104 | dirty_key = key 105 | key = re.sub("[^0-9a-zA-Z_.\-]+", "_", dirty_key) 106 | if key != dirty_key: 107 | print(t.yellow("Replaced ") + dirty_key + t.yellow(" with ") + key) 108 | with open(filename, "rb") as f: 109 | data[key] = f.read() 110 | return data 111 | 112 | 113 | def get_response(question, permitted_responses=(), sensitive=False): 114 | """Get response from user. 115 | 116 | Args: 117 | question: What do we want to obtain from the user? 118 | permitted_responses: What responses do we allow? 119 | sensitive: Is the information sensitive (e.g. a password)? 120 | 121 | Returns: 122 | str: Response from user. 123 | """ 124 | print(t.yellow(question)) 125 | if permitted_responses: 126 | print(t.cyan("Permitted responses: " + str(permitted_responses))) 127 | responded = 0 128 | while responded == 0: 129 | if sensitive: 130 | response = getpass("Password:") 131 | else: 132 | response = input() 133 | # Check type of response 134 | if response in permitted_responses or not permitted_responses: 135 | # Response is among possible responses (or any response is permitted) 136 | responded = 1 137 | # Otherwise we ping the user to input a response 138 | if not responded: 139 | print(t.red("Invalid response, try again!")) 140 | return response 141 | 142 | 143 | def pretty_print(string): 144 | """Pretty print a JSON string. 145 | 146 | Args: 147 | string (str): String we want to pretty print. 148 | """ 149 | print(highlight(string, JsonLexer(), TerminalFormatter())) 150 | 151 | 152 | def rand_string(length): 153 | """Create random alphanumeric string (useful for passwords). 154 | 155 | Args: 156 | length (int): Length of random string. 157 | 158 | Returns: 159 | str: Alphanumeric string. 160 | """ 161 | return "".join(random.choice(ascii_letters + digits) for _ in range(length)) 162 | -------------------------------------------------------------------------------- /nephos/runners.py: -------------------------------------------------------------------------------- 1 | # Copyright [2018] [Alejandro Vicente Grabovetsky via AID:Tech] 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at# 6 | # 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | 15 | from nephos.fabric.ca import setup_ca 16 | from nephos.fabric.crypto import admin_msp, genesis_block, channel_tx, setup_nodes 17 | from nephos.fabric.ord import setup_ord 18 | from nephos.fabric.peer import setup_peer, create_channel 19 | from nephos.composer.install import deploy_composer, install_network, setup_admin 20 | from nephos.composer.upgrade import upgrade_network 21 | 22 | 23 | def runner_ca(opts, upgrade=False, verbose=False): 24 | """Deploy CAs. 25 | 26 | Args: 27 | opts (dict): Nephos options dict. 28 | upgrade (bool): Do we upgrade the deployment? False by default. 29 | verbose (bool): Verbosity. False by default. 30 | """ 31 | if opts["cas"]: 32 | setup_ca(opts, upgrade=upgrade, verbose=verbose) 33 | else: 34 | print("No CAs defined in Nephos settings, ignoring CA setup") 35 | 36 | 37 | def runner_composer(opts, upgrade=False, verbose=False): 38 | """Deploy Hyperledger Composer. 39 | 40 | Args: 41 | opts (dict): Nephos options dict. 42 | upgrade (bool): Do we upgrade the deployment? False by default. 43 | verbose (bool): Verbosity. False by default. 44 | """ 45 | deploy_composer(opts, upgrade=upgrade, verbose=verbose) 46 | setup_admin(opts, verbose=verbose) 47 | install_network(opts, verbose=verbose) 48 | 49 | 50 | def runner_composer_up(opts, verbose=False): 51 | """Upgrade Hyperledger Composer network (experimental). 52 | 53 | Args: 54 | opts (dict): Nephos options dict. 55 | verbose (bool): Verbosity. False by default. 56 | """ 57 | upgrade_network(opts, verbose=verbose) 58 | 59 | 60 | def runner_crypto(opts, verbose=False): 61 | """Create Crypto-material by either using CAs or save Cryptogen material. 62 | 63 | Args: 64 | opts (dict): Nephos options dict. 65 | verbose (bool): Verbosity. False by default. 66 | """ 67 | # TODO: Limited by the fact that we manually specify MSPs 68 | # Set up Admin MSPs 69 | admin_msp(opts, opts["orderers"]["msp"], verbose=verbose) 70 | admin_msp(opts, opts["peers"]["msp"], verbose=verbose) 71 | # Genesis & Channel 72 | genesis_block(opts, verbose=verbose) 73 | # TODO: We currently only support a single channel 74 | channel_tx(opts, verbose=verbose) 75 | # Setup node MSPs 76 | setup_nodes(opts, "orderer", verbose=verbose) 77 | setup_nodes(opts, "peer", verbose=verbose) 78 | 79 | 80 | def runner_deploy(opts, upgrade=False, verbose=False): 81 | """Deploy end-to-end deployment of Hyperledger Fabric and Composer. 82 | 83 | Args: 84 | opts (dict): Nephos options dict. 85 | upgrade (bool): Do we upgrade the deployment? False by default. 86 | verbose (bool): Verbosity. False by default. 87 | """ 88 | # Fabric 89 | runner_fabric(opts, upgrade=upgrade, verbose=verbose) 90 | # Composer 91 | runner_composer(opts, upgrade=upgrade, verbose=verbose) 92 | 93 | 94 | def runner_fabric(opts, upgrade=False, verbose=False): 95 | """Deploy Hyperledger Fabric, including CAs/Cryptogen, Orderers and Peers. 96 | 97 | Args: 98 | opts (dict): Nephos options dict. 99 | upgrade (bool): Do we upgrade the deployment? False by default. 100 | verbose (bool): Verbosity. False by default. 101 | """ 102 | # Setup CA 103 | runner_ca(opts, upgrade=upgrade, verbose=verbose) 104 | # Crypto material 105 | runner_crypto(opts, verbose=verbose) 106 | # Orderers 107 | runner_orderer(opts, upgrade=upgrade, verbose=verbose) 108 | # Peers 109 | runner_peer(opts, upgrade=upgrade, verbose=verbose) 110 | 111 | 112 | def runner_orderer(opts, upgrade=False, verbose=False): 113 | """Deploy Hyperledger Fabric Orderers. 114 | 115 | Args: 116 | opts (dict): Nephos options dict. 117 | upgrade (bool): Do we upgrade the deployment? False by default. 118 | verbose (bool): Verbosity. False by default. 119 | """ 120 | setup_ord(opts, upgrade=upgrade, verbose=verbose) 121 | 122 | 123 | def runner_peer(opts, upgrade=False, verbose=False): 124 | """Deploy Hyperledger Fabric Peers. 125 | 126 | Args: 127 | opts (dict): Nephos options dict. 128 | upgrade (bool): Do we upgrade the deployment? False by default. 129 | verbose (bool): Verbosity. False by default. 130 | """ 131 | setup_peer(opts, upgrade=upgrade, verbose=verbose) 132 | create_channel(opts, verbose=verbose) 133 | -------------------------------------------------------------------------------- /requirements.txt: -------------------------------------------------------------------------------- 1 | adal==1.2.0 2 | alabaster==0.7.12 3 | appdirs==1.4.3 4 | asn1crypto==0.24.0 5 | atomicwrites==1.2.1 6 | attrs==18.2.0 7 | Babel==2.6.0 8 | bandit==1.5.1 9 | black==18.9b0 10 | bleach==3.0.2 11 | blessings==1.7 12 | cachetools==3.0.0 13 | certifi==2018.11.29 14 | cffi==1.11.5 15 | chardet==3.0.4 16 | Click==7.0 17 | coverage==4.5.2 18 | cryptography==2.4.2 19 | docutils==0.14 20 | gitdb2==2.0.5 21 | GitPython==2.1.11 22 | google-auth==1.6.1 23 | idna==2.8 24 | imagesize==1.1.0 25 | Jinja2==2.10 26 | kubernetes==8.0.0 27 | m2r==0.2.1 28 | MarkupSafe==1.1.0 29 | mistune==0.8.4 30 | more-itertools==4.3.0 31 | oauthlib==2.1.0 32 | packaging==19.0 33 | pbr==5.1.3 34 | pkginfo==1.4.2 35 | pluggy==0.8.0 36 | pockets==0.7.2 37 | py==1.7.0 38 | pyasn1==0.4.4 39 | pyasn1-modules==0.2.2 40 | pycparser==2.19 41 | Pygments==2.3.1 42 | PyJWT==1.7.1 43 | pyparsing==2.3.1 44 | pytest==4.0.2 45 | pytest-cov==2.6.0 46 | python-dateutil==2.7.5 47 | pytz==2018.9 48 | PyYAML==4.2b1 49 | readme-renderer==24.0 50 | requests==2.21.0 51 | requests-oauthlib==1.0.0 52 | requests-toolbelt==0.8.0 53 | rsa==4.0 54 | six==1.12.0 55 | smmap2==2.0.5 56 | snowballstemmer==1.2.1 57 | Sphinx==1.8.4 58 | sphinx-rtd-theme==0.4.3 59 | sphinxcontrib-websupport==1.1.0 60 | stevedore==1.30.1 61 | toml==0.10.0 62 | tqdm==4.28.1 63 | twine==1.12.1 64 | urllib3==1.24.1 65 | webencodings==0.5.1 66 | websocket-client==0.54.0 67 | -------------------------------------------------------------------------------- /setup.py: -------------------------------------------------------------------------------- 1 | # !/usr/bin/env python 2 | # -*- coding: utf-8 -*- 3 | # pragma: no cover 4 | 5 | # Copyright [2018] [Alejandro Vicente Grabovetsky via AID:Tech] 6 | # 7 | # Licensed under the Apache License, Version 2.0 (the "License"); 8 | # you may not use this file except in compliance with the License. 9 | # You may obtain a copy of the License at# 10 | # 11 | # http://www.apache.org/licenses/LICENSE-2.0 12 | # 13 | # Unless required by applicable law or agreed to in writing, software 14 | # distributed under the License is distributed on an "AS IS" BASIS, 15 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 16 | # See the License for the specific language governing permissions and 17 | # limitations under the License. 18 | 19 | # Acknowledgement: adapted from https://github.com/kennethreitz/setup.py 20 | 21 | """Setup the Nephos application. 22 | 23 | To use the 'upload' functionality of this file, you must: 24 | $ pip install twine 25 | To actually upload latest version of package: 26 | $ python setup.py upload 27 | """ 28 | 29 | import io 30 | import os 31 | import sys 32 | from shutil import rmtree 33 | 34 | from setuptools import find_packages, setup, Command 35 | 36 | # Package meta-data. 37 | NAME = "nephos" 38 | DESCRIPTION = "Deployer for Hyperledger Fabric networks onto Kubernetes" 39 | URL = "https://github.com/aidtechnology/nephos" 40 | EMAIL = "sasha@aid.technology" 41 | AUTHOR = "Alejandro (Sasha) Vicente Grabovetsky" 42 | REQUIRES_PYTHON = ">=3.7.0" 43 | VERSION = "0.2.9" 44 | 45 | # What packages are required for this module to be executed? 46 | REQUIRED = ["blessings", "click", "kubernetes", "pygments"] 47 | 48 | # What packages are optional? 49 | EXTRAS = { 50 | # 'fancy feature': ['django'], 51 | } 52 | 53 | # The rest you shouldn't have to touch too much :) 54 | # ------------------------------------------------ 55 | # Except, perhaps the License and Trove Classifiers! 56 | # If you do change the License, remember to change the Trove Classifier for that! 57 | 58 | here = os.path.abspath(os.path.dirname(__file__)) 59 | 60 | # Import the README and use it as the long-description. 61 | # Note: this will only work if 'README.md' is present in your MANIFEST.in file! 62 | try: 63 | with io.open(os.path.join(here, "README.md"), encoding="utf-8") as f: 64 | long_description = "\n" + f.read() 65 | except FileNotFoundError: 66 | long_description = DESCRIPTION 67 | 68 | # Load the package's __version__.py module as a dictionary. 69 | about = {} 70 | if not VERSION: 71 | with open(os.path.join(here, NAME, "__version__.py")) as f: 72 | exec(f.read(), about) 73 | else: 74 | about["__version__"] = VERSION 75 | 76 | 77 | class UploadCommand(Command): 78 | """Support setup.py upload.""" 79 | 80 | description = "Build and publish the package." 81 | user_options = [] 82 | 83 | @staticmethod 84 | def status(s): 85 | """Prints things in bold.""" 86 | print("\033[1m{0}\033[0m".format(s)) 87 | 88 | def initialize_options(self): 89 | pass 90 | 91 | def finalize_options(self): 92 | pass 93 | 94 | def run(self): 95 | try: 96 | self.status("Removing previous builds…") 97 | rmtree(os.path.join(here, "dist")) 98 | except OSError: 99 | pass 100 | 101 | self.status("Building Source and Wheel (universal) distribution…") 102 | os.system("{0} setup.py sdist bdist_wheel --universal".format(sys.executable)) 103 | 104 | self.status("Uploading the package to PyPI via Twine…") 105 | os.system("twine upload dist/*") 106 | 107 | self.status("Pushing git tags…") 108 | os.system("git tag v{0}".format(about["__version__"])) 109 | os.system("git push --tags") 110 | 111 | sys.exit() 112 | 113 | 114 | # Where the magic happens: 115 | setup( 116 | name=NAME, 117 | version=about["__version__"], 118 | description=DESCRIPTION, 119 | long_description=long_description, 120 | long_description_content_type="text/markdown", 121 | author=AUTHOR, 122 | author_email=EMAIL, 123 | python_requires=REQUIRES_PYTHON, 124 | url=URL, 125 | packages=find_packages(exclude=("tests",)), 126 | # If your package is a single module, use this instead of 'packages': 127 | # py_modules=['mypackage'], 128 | # entry_points={ 129 | # 'console_scripts': ['mycli=mymodule:cli'], 130 | # }, 131 | install_requires=REQUIRED, 132 | extras_require=EXTRAS, 133 | include_package_data=True, 134 | license="MIT", 135 | classifiers=[ 136 | # Trove classifiers 137 | # Full list: https://pypi.python.org/pypi?%3Aaction=list_classifiers 138 | "License :: OSI Approved :: MIT License", 139 | "Programming Language :: Python", 140 | "Programming Language :: Python :: 3", 141 | "Programming Language :: Python :: 3.7", 142 | "Programming Language :: Python :: Implementation :: CPython", 143 | "Programming Language :: Python :: Implementation :: PyPy", 144 | ], 145 | # $ setup.py publish support. 146 | cmdclass={"upload": UploadCommand}, 147 | ) 148 | -------------------------------------------------------------------------------- /sonar-project.properties: -------------------------------------------------------------------------------- 1 | # Must be unique in a given SonarQube instance 2 | sonar.projectKey=aidtechnology_nephos 3 | # Name and version displayed in the SonarQube UI. 4 | sonar.projectName=AID:Tech Nephos 5 | sonar.projectVersion=1.0 6 | 7 | # Path is relative to the sonar-project.properties file. Replace "\" by "/" on Windows. 8 | # Optional if sonar.modules is set. 9 | sonar.sources=. 10 | sonar.tests=. 11 | sonar.test.inclusions=**/*test*/** 12 | sonar.exclusions=venv/**,**/*test*/**,setup.py,docs/**,*integration*/** 13 | sonar.python.coverage.reportPath=./coverage.xml 14 | 15 | # Encoding of the source code. By default, the system encoding 16 | #sonar.sourceEncoding=UTF-8 17 | -------------------------------------------------------------------------------- /tests/composer/test_connection_template.py: -------------------------------------------------------------------------------- 1 | from unittest.mock import patch 2 | 3 | from nephos.composer.connection_template import define_orderers, define_peers, json_ct 4 | 5 | 6 | class TestDefineOrderers: 7 | def test_define_orderers(self): 8 | res = define_orderers( 9 | ["ord0", "ord1"], ["ord0.local-cluster", "ord1.local-cluster"] 10 | ) 11 | assert res == { 12 | "ord0": {"url": "grpc://ord0.local-cluster:7050"}, 13 | "ord1": {"url": "grpc://ord1.local-cluster:7050"}, 14 | } 15 | 16 | def test_define_orderers_domain(self): 17 | res = define_orderers( 18 | ["ord0", "ord1"], 19 | ["ord0.local-cluster", "ord1.local-cluster"], 20 | domain="a-domain.com", 21 | ) 22 | assert res == { 23 | "ord0.a-domain.com": {"url": "grpc://ord0.local-cluster:7050"}, 24 | "ord1.a-domain.com": {"url": "grpc://ord1.local-cluster:7050"}, 25 | } 26 | 27 | 28 | class TestDefinePeers: 29 | def test_define_peers(self): 30 | res = define_peers(["peer0"], ["peer0.local-cluster"], "an-org") 31 | assert res == ( 32 | { 33 | "peer0": { 34 | "chaincodeQuery": True, 35 | "endorsingPeer": True, 36 | "eventSource": True, 37 | "ledgerQuery": True, 38 | } 39 | }, 40 | { 41 | "peer0": { 42 | "url": "grpc://peer0.local-cluster:7051", 43 | "eventUrl": "grpc://peer0.local-cluster:7053", 44 | } 45 | }, 46 | ) 47 | 48 | def test_define_peers_domain(self): 49 | res = define_peers( 50 | ["peer0"], ["peer0.local-cluster"], "an-org", domain="a-domain.com" 51 | ) 52 | assert res == ( 53 | { 54 | "peer0.an-org.a-domain.com": { 55 | "chaincodeQuery": True, 56 | "endorsingPeer": True, 57 | "eventSource": True, 58 | "ledgerQuery": True, 59 | } 60 | }, 61 | { 62 | "peer0.an-org.a-domain.com": { 63 | "url": "grpc://peer0.local-cluster:7051", 64 | "eventUrl": "grpc://peer0.local-cluster:7053", 65 | } 66 | }, 67 | ) 68 | 69 | 70 | # TODO: This command is much too complicated (simplify and derive from hlf_config.yaml 71 | class TestJsonCt: 72 | OPTS = { 73 | "msps": { 74 | "ord_MSP": {"namespace": "ord-namespace"}, 75 | "peer_MSP": {"namespace": "peer-namespace"}, 76 | }, 77 | "orderers": {"msp": "ord_MSP", "names": ["ord0"]}, 78 | "peers": {"msp": "peer_MSP", "names": ["peer0"]}, 79 | } 80 | 81 | @patch("nephos.composer.connection_template.define_peers") 82 | @patch("nephos.composer.connection_template.define_orderers") 83 | def test_json_ct(self, mock_define_orderers, mock_define_peers): 84 | mock_define_peers.side_effect = [ 85 | ( 86 | { 87 | "peer0.an-org.a-domain.com": { 88 | "chaincodeQuery": True, 89 | "endorsingPeer": True, 90 | "eventSource": True, 91 | "ledgerQuery": True, 92 | } 93 | }, 94 | { 95 | "peer0.an-org.a-domain.com": { 96 | "url": "grpc://peer0-hlf-peer.peer-namespace.svc.cluster.local:7051", 97 | "eventUrl": "grpc://peer0-hlf-peer.peer-namespace.svc.cluster.local:7053", 98 | } 99 | }, 100 | ) 101 | ] 102 | mock_define_orderers.side_effect = [ 103 | { 104 | "ord0.a-domain.com": { 105 | "url": "grpc://ord0-hlf-ord.orderer-namespace.svc.cluster.local:7050" 106 | } 107 | } 108 | ] 109 | res = json_ct( 110 | self.OPTS, 111 | "a-ca", 112 | "a-ca.a-domain.com", 113 | "an-org", 114 | "a-domain.com", 115 | "AnMSP", 116 | "a-channel", 117 | ) 118 | mock_define_peers.assert_called_once_with( 119 | ["peer0"], 120 | ["peer0-hlf-peer.peer-namespace.svc.cluster.local"], 121 | "an-org", 122 | "a-domain.com", 123 | ) 124 | mock_define_orderers.assert_called_once_with( 125 | ["ord0"], ["ord0-hlf-ord.ord-namespace.svc.cluster.local"], "a-domain.com" 126 | ) 127 | assert isinstance(res, str) 128 | -------------------------------------------------------------------------------- /tests/composer/test_upgrade.py: -------------------------------------------------------------------------------- 1 | from unittest.mock import call, patch, Mock 2 | 3 | from nephos.composer.upgrade import upgrade_network 4 | 5 | 6 | class TestUpgradeNetwork: 7 | OPTS = { 8 | "cas": {"peer-ca": {}}, 9 | "composer": {"secret_bna": "bna-secret"}, 10 | "msps": { 11 | "peer_MSP": { 12 | "ca": "peer-ca", 13 | "namespace": "peer-ns", 14 | "org_admin": "an-admin", 15 | } 16 | }, 17 | "peers": {"msp": "peer_MSP"}, 18 | } 19 | 20 | @patch("nephos.composer.upgrade.secret_from_file") 21 | @patch("nephos.composer.upgrade.print") 22 | @patch("nephos.composer.upgrade.get_pod") 23 | def test_upgrade_network(self, mock_get_pod, mock_print, mock_secret_from_file): 24 | mock_pod_ex = Mock() 25 | mock_pod_ex.execute.side_effect = [ 26 | ("a-network_a-version.bna", None), 27 | ("Business network version: another-version", None), 28 | ("Network install", None), # network install 29 | ("Network upgrade", None), # network upgrade 30 | ("Business network version: a-version", None), 31 | ] 32 | mock_get_pod.side_effect = [mock_pod_ex] 33 | upgrade_network(self.OPTS) 34 | mock_secret_from_file.assert_called_once_with( 35 | secret="bna-secret", namespace="peer-ns", verbose=False 36 | ) 37 | mock_get_pod.assert_called_once_with( 38 | "peer-ns", "hlc", "hl-composer", verbose=False 39 | ) 40 | mock_pod_ex.execute.assert_has_calls( 41 | [ 42 | call("ls /hl_config/blockchain_network"), 43 | call("composer network ping --card an-admin@a-network"), 44 | call( 45 | "composer network install --card PeerAdmin@hlfv1 " 46 | + "--archiveFile /hl_config/blockchain_network/a-network_a-version.bna" 47 | ), 48 | call( 49 | "composer network upgrade --card PeerAdmin@hlfv1 " 50 | + "--networkName a-network --networkVersion a-version" 51 | ), 52 | call("composer network ping --card an-admin@a-network"), 53 | ] 54 | ) 55 | mock_print.assert_has_calls( 56 | [call("another-version"), call("Upgraded to a-version")] 57 | ) 58 | 59 | @patch("nephos.composer.upgrade.secret_from_file") 60 | @patch("nephos.composer.upgrade.print") 61 | @patch("nephos.composer.upgrade.get_pod") 62 | def test_upgrade_network_again( 63 | self, mock_get_pod, mock_print, mock_secret_from_file 64 | ): 65 | mock_pod_ex = Mock() 66 | mock_pod_ex.execute.side_effect = [ 67 | ("a-network_a-version.bna", None), 68 | ("Business network version: a-version", None), 69 | ] 70 | mock_get_pod.side_effect = [mock_pod_ex] 71 | upgrade_network(self.OPTS, verbose=True) 72 | mock_secret_from_file.assert_called_once_with( 73 | secret="bna-secret", namespace="peer-ns", verbose=True 74 | ) 75 | mock_get_pod.assert_called_once_with( 76 | "peer-ns", "hlc", "hl-composer", verbose=True 77 | ) 78 | mock_pod_ex.execute.assert_has_calls( 79 | [ 80 | call("ls /hl_config/blockchain_network"), 81 | call("composer network ping --card an-admin@a-network"), 82 | ] 83 | ) 84 | mock_print.assert_has_calls([call("a-version")]) 85 | -------------------------------------------------------------------------------- /tests/fabric/test_ord.py: -------------------------------------------------------------------------------- 1 | from copy import deepcopy 2 | from unittest.mock import call, patch, Mock 3 | 4 | from nephos.fabric.ord import check_ord, check_ord_tls, setup_ord 5 | 6 | 7 | class TestCheckOrd: 8 | @patch("nephos.fabric.ord.sleep") 9 | @patch("nephos.fabric.ord.get_pod") 10 | def test_check_ord(self, mock_get_pod, mock_sleep): 11 | mock_pod_ex = Mock() 12 | mock_pod_ex.logs.side_effect = [ 13 | "Not yet started", 14 | "Not yet started\nStarting orderer", 15 | ] 16 | mock_get_pod.side_effect = [mock_pod_ex] 17 | check_ord("a-namespace", "a-release") 18 | assert mock_pod_ex.logs.call_count == 2 19 | mock_sleep.assert_called_once_with(15) 20 | 21 | @patch("nephos.fabric.ord.sleep") 22 | @patch("nephos.fabric.ord.get_pod") 23 | def test_check_ord_again(self, mock_get_pod, mock_sleep): 24 | mock_pod_ex = Mock() 25 | mock_pod_ex.logs.side_effect = [ 26 | "Not yet started\nStarting orderer\nOrderer fetching metadata for all topics from broker" 27 | ] 28 | mock_get_pod.side_effect = [mock_pod_ex] 29 | check_ord("a-namespace", "a-release", verbose=True) 30 | assert mock_pod_ex.logs.call_count == 1 31 | mock_sleep.assert_not_called() 32 | 33 | 34 | class TestCheckOrdTls: 35 | OPTS = { 36 | "msps": {"ord_MSP": {"namespace": "orderer-namespace"}}, 37 | "orderers": {"names": ["an-ord"], "msp": "ord_MSP"}, 38 | } 39 | 40 | @patch("nephos.fabric.ord.execute") 41 | def test_check_ord_tls(self, mock_execute): 42 | mock_execute.side_effect = [("value", None)] 43 | check_ord_tls(self.OPTS) 44 | mock_execute.assert_called_once_with( 45 | 'kubectl get cm -n orderer-namespace an-ord-hlf-ord--ord -o jsonpath="{.data.ORDERER_GENERAL_TLS_ENABLED}"', 46 | verbose=False, 47 | ) 48 | 49 | @patch("nephos.fabric.ord.execute") 50 | def test_check_ord_tls_verbose(self, mock_execute): 51 | mock_execute.side_effect = [("value", None)] 52 | check_ord_tls(self.OPTS, verbose=True) 53 | mock_execute.assert_called_once_with( 54 | 'kubectl get cm -n orderer-namespace an-ord-hlf-ord--ord -o jsonpath="{.data.ORDERER_GENERAL_TLS_ENABLED}"', 55 | verbose=True, 56 | ) 57 | 58 | 59 | class TestSetupOrd: 60 | OPTS = { 61 | "core": {"chart_repo": "a-repo", "dir_values": "./a_dir"}, 62 | "msps": {"ord_MSP": {"namespace": "ord-namespace"}}, 63 | "orderers": {"names": ["ord0"], "msp": "ord_MSP"}, 64 | } 65 | 66 | @patch("nephos.fabric.ord.helm_upgrade") 67 | @patch("nephos.fabric.ord.helm_install") 68 | @patch("nephos.fabric.ord.check_ord") 69 | def test_ord(self, mock_check_ord, mock_helm_install, mock_helm_upgrade): 70 | OPTS = deepcopy(self.OPTS) 71 | OPTS["orderers"]["names"] = ["ord0", "ord1"] 72 | setup_ord(OPTS) 73 | mock_helm_install.assert_has_calls( 74 | [ 75 | call( 76 | "a-repo", 77 | "hlf-ord", 78 | "ord0", 79 | "ord-namespace", 80 | config_yaml="./a_dir/hlf-ord/ord0.yaml", 81 | verbose=False, 82 | ), 83 | call( 84 | "a-repo", 85 | "hlf-ord", 86 | "ord1", 87 | "ord-namespace", 88 | config_yaml="./a_dir/hlf-ord/ord1.yaml", 89 | verbose=False, 90 | ), 91 | ] 92 | ) 93 | mock_helm_upgrade.assert_not_called() 94 | mock_check_ord.assert_has_calls( 95 | [ 96 | call("ord-namespace", "ord0", verbose=False), 97 | call("ord-namespace", "ord1", verbose=False), 98 | ] 99 | ) 100 | 101 | @patch("nephos.fabric.ord.helm_upgrade") 102 | @patch("nephos.fabric.ord.helm_install") 103 | @patch("nephos.fabric.ord.check_ord") 104 | def test_ord_kafka(self, mock_check_ord, mock_helm_install, mock_helm_upgrade): 105 | OPTS = deepcopy(self.OPTS) 106 | OPTS["orderers"]["kafka"] = {"pod_num": 42} 107 | setup_ord(OPTS, verbose=True) 108 | mock_helm_install.assert_has_calls( 109 | [ 110 | call( 111 | "incubator", 112 | "kafka", 113 | "kafka-hlf", 114 | "ord-namespace", 115 | config_yaml="./a_dir/kafka/kafka-hlf.yaml", 116 | pod_num=42, 117 | verbose=True, 118 | ), 119 | call( 120 | "a-repo", 121 | "hlf-ord", 122 | "ord0", 123 | "ord-namespace", 124 | config_yaml="./a_dir/hlf-ord/ord0.yaml", 125 | verbose=True, 126 | ), 127 | ] 128 | ) 129 | mock_helm_upgrade.assert_not_called() 130 | mock_check_ord.assert_called_once_with("ord-namespace", "ord0", verbose=True) 131 | 132 | @patch("nephos.fabric.ord.helm_upgrade") 133 | @patch("nephos.fabric.ord.helm_install") 134 | @patch("nephos.fabric.ord.check_ord") 135 | def test_ord_upgrade(self, mock_check_ord, mock_helm_install, mock_helm_upgrade): 136 | setup_ord(self.OPTS, upgrade=True) 137 | mock_helm_install.assert_not_called() 138 | mock_helm_upgrade.assert_called_once_with( 139 | "a-repo", 140 | "hlf-ord", 141 | "ord0", 142 | "ord-namespace", 143 | config_yaml="./a_dir/hlf-ord/ord0.yaml", 144 | verbose=False, 145 | ) 146 | mock_check_ord.assert_called_once_with("ord-namespace", "ord0", verbose=False) 147 | -------------------------------------------------------------------------------- /tests/fabric/test_settings.py: -------------------------------------------------------------------------------- 1 | from unittest.mock import patch, Mock 2 | 3 | import pytest 4 | 5 | from nephos.fabric.settings import ( 6 | dict_constructor, 7 | dict_representer, 8 | check_cluster, 9 | get_namespace, 10 | load_config, 11 | ) 12 | 13 | 14 | class TestDictConstuctor: 15 | @patch("nephos.fabric.settings.OrderedDict") 16 | def test_dict_constructor(self, mock_ordered_dict): 17 | mock_loader = Mock() 18 | mock_loader.construct_pairs.side_effect = ["pairs"] 19 | mock_node = Mock() 20 | dict_constructor(mock_loader, mock_node) 21 | mock_loader.construct_pairs.assert_called_once_with(mock_node) 22 | mock_ordered_dict.assert_called_once_with("pairs") 23 | 24 | 25 | class TestDictRepresenter: 26 | def test_dict_representer(self): 27 | mock_dumper = Mock() 28 | mock_data = Mock() 29 | mock_data.items.side_effect = [["some-items"]] 30 | dict_representer(mock_dumper, mock_data) 31 | mock_dumper.represent_dict.assert_called_once_with(["some-items"]) 32 | 33 | 34 | class TestCheckCluster: 35 | @patch("nephos.fabric.settings.context_get") 36 | def test_check_cluster(self, mock_context_get): 37 | mock_context_get.side_effect = [{"context": {"cluster": "a-cluster"}}] 38 | check_cluster("a-cluster") 39 | mock_context_get.assert_called_once_with() 40 | 41 | @patch("nephos.fabric.settings.context_get") 42 | def test_check_cluster_fail(self, mock_context_get): 43 | with pytest.raises(ValueError): 44 | check_cluster("a-cluster") 45 | mock_context_get.side_effect = [{"context": {"cluster": "another-cluster"}}] 46 | mock_context_get.assert_called_once_with() 47 | 48 | 49 | class TestGetNamespace: 50 | OPTS = { 51 | "core": {"namespace": "core-namespace"}, 52 | "msps": {"namespaced_MSP": {"namespace": "msp-ns"}, "core_MSP": {}}, 53 | "cas": {"a-ca": {"namespace": "ca-namespace"}, "core-ca": {}}, 54 | } 55 | 56 | def test_get_namespace_empty(self): 57 | result = get_namespace(self.OPTS) 58 | assert result == "core-namespace" 59 | 60 | def test_get_namespace_msp(self): 61 | result = get_namespace(self.OPTS, "namespaced_MSP") 62 | assert result == "msp-ns" 63 | 64 | def test_get_namespace_msp_core(self): 65 | result = get_namespace(self.OPTS, "core_MSP") 66 | assert result == "core-namespace" 67 | 68 | def test_get_namespace_msp_error(self): 69 | with pytest.raises(KeyError): 70 | get_namespace(self.OPTS, "nonexistent_MSP") 71 | 72 | def test_get_namespace_ca(self): 73 | result = get_namespace(self.OPTS, ca="a-ca") 74 | assert result == "ca-namespace" 75 | 76 | def test_get_namespace_ca_core(self): 77 | result = get_namespace(self.OPTS, ca="core-ca") 78 | assert result == "core-namespace" 79 | 80 | def test_get_namespace_ca_error(self): 81 | with pytest.raises(KeyError): 82 | get_namespace(self.OPTS, ca="nonexistent-ca") 83 | 84 | 85 | class TestLoadHlfConfig: 86 | @patch("nephos.fabric.settings.yaml") 87 | @patch("nephos.fabric.settings.path") 88 | @patch("nephos.fabric.settings.open") 89 | @patch("nephos.fabric.settings.check_cluster") 90 | def test_load_config(self, mock_check_cluster, mock_open, mock_path, mock_yaml): 91 | mock_yaml.safe_load.side_effect = [ 92 | { 93 | "core": { 94 | "chart_repo": "a-repo", 95 | "cluster": "a-cluster", 96 | "dir_config": "./config", 97 | "dir_crypto": "./crypto", 98 | "dir_values": "./helm_values", 99 | } 100 | } 101 | ] 102 | mock_path.isdir.side_effect = [False] 103 | mock_path.abspath.side_effect = [ 104 | "/home/user/config", 105 | "/home/user/crypto", 106 | "/home/user/helm_values", 107 | ] 108 | load_config("./some_settings.yaml") 109 | mock_open.assert_called_once_with("./some_settings.yaml") 110 | mock_yaml.safe_load.assert_called_once() 111 | mock_check_cluster.assert_called_once_with("a-cluster") 112 | mock_path.isdir.assert_called_once_with("a-repo") 113 | assert mock_path.expanduser.call_count == 3 114 | assert mock_path.abspath.call_count == 3 115 | 116 | @patch("nephos.fabric.settings.yaml") 117 | @patch("nephos.fabric.settings.path") 118 | @patch("nephos.fabric.settings.open") 119 | @patch("nephos.fabric.settings.check_cluster") 120 | def test_load_config_repodir( 121 | self, mock_check_cluster, mock_open, mock_path, mock_yaml 122 | ): 123 | mock_yaml.safe_load.side_effect = [ 124 | { 125 | "core": { 126 | "chart_repo": "./a_repo_dir", 127 | "dir_config": "./config", 128 | "dir_crypto": "./crypto", 129 | "dir_values": "./helm_values", 130 | } 131 | } 132 | ] 133 | mock_path.isdir.side_effect = [True] 134 | mock_path.abspath.side_effect = [ 135 | "/home/user/a_repo_dir", 136 | "/home/user/config", 137 | "/home/user/crypto", 138 | "/home/user/helm_values", 139 | ] 140 | load_config("./some_settings.yaml") 141 | mock_open.assert_called_once_with("./some_settings.yaml") 142 | mock_yaml.safe_load.assert_called_once() 143 | mock_check_cluster.assert_not_called() 144 | mock_path.isdir.assert_called_once_with("./a_repo_dir") 145 | assert mock_path.expanduser.call_count == 4 146 | assert mock_path.abspath.call_count == 4 147 | -------------------------------------------------------------------------------- /tests/fabric/test_utils.py: -------------------------------------------------------------------------------- 1 | from unittest.mock import patch 2 | 3 | from kubernetes.client.rest import ApiException 4 | import pytest 5 | 6 | from nephos.fabric.utils import credentials_secret, crypto_secret, get_pod 7 | 8 | 9 | class TestCredentialsSecret: 10 | SECRET_DATA = {"CA_USERNAME": "a-user", "CA_PASSWORD": "a-password"} 11 | 12 | @patch("nephos.fabric.utils.secret_read") 13 | @patch("nephos.fabric.utils.secret_create") 14 | @patch("nephos.fabric.utils.rand_string") 15 | def test_credentials_secret( 16 | self, mock_rand_string, mock_secret_create, mock_secret_read 17 | ): 18 | mock_secret_read.side_effect = [ApiException] 19 | mock_rand_string.side_effect = ["a-password"] 20 | credentials_secret("a-secret", "a-namespace", "a-user") 21 | mock_secret_read.assert_called_once_with( 22 | "a-secret", "a-namespace", verbose=False 23 | ) 24 | mock_rand_string.assert_called_once_with(24) 25 | mock_secret_create.assert_called_once_with( 26 | self.SECRET_DATA, "a-secret", "a-namespace" 27 | ) 28 | 29 | @patch("nephos.fabric.utils.secret_read") 30 | @patch("nephos.fabric.utils.secret_create") 31 | @patch("nephos.fabric.utils.rand_string") 32 | def test_credentials_secret_again( 33 | self, mock_rand_string, mock_secret_create, mock_secret_read 34 | ): 35 | mock_secret_read.side_effect = [self.SECRET_DATA] 36 | credentials_secret("a-secret", "a-namespace", "a-user", "a-password") 37 | mock_secret_read.assert_called_once_with( 38 | "a-secret", "a-namespace", verbose=False 39 | ) 40 | mock_rand_string.assert_not_called() 41 | mock_secret_create.assert_not_called() 42 | 43 | @patch("nephos.fabric.utils.secret_read") 44 | @patch("nephos.fabric.utils.secret_create") 45 | @patch("nephos.fabric.utils.rand_string") 46 | def test_credentials_secret_badpassword( 47 | self, mock_rand_string, mock_secret_create, mock_secret_read 48 | ): 49 | mock_secret_read.side_effect = [self.SECRET_DATA] 50 | with pytest.raises(AssertionError): 51 | credentials_secret( 52 | "a-secret", "a-namespace", "a-user", "another-password", verbose=True 53 | ) 54 | mock_secret_read.assert_called_once_with( 55 | "a-secret", "a-namespace", verbose=True 56 | ) 57 | mock_rand_string.assert_not_called() 58 | mock_secret_create.assert_not_called() 59 | 60 | @patch("nephos.fabric.utils.secret_read") 61 | @patch("nephos.fabric.utils.secret_create") 62 | @patch("nephos.fabric.utils.rand_string") 63 | def test_credentials_secret_baduser( 64 | self, mock_rand_string, mock_secret_create, mock_secret_read 65 | ): 66 | mock_secret_read.side_effect = [self.SECRET_DATA] 67 | with pytest.raises(AssertionError): 68 | credentials_secret("a-secret", "a-namespace", "another-user", "a-password") 69 | mock_secret_read.assert_called_once_with( 70 | "a-secret", "a-namespace", verbose=False 71 | ) 72 | mock_rand_string.assert_not_called() 73 | mock_secret_create.assert_not_called() 74 | 75 | 76 | class TestCryptoSecret: 77 | @patch("nephos.fabric.utils.secret_from_file") 78 | @patch("nephos.fabric.utils.glob") 79 | def test_crypto_secret(self, mock_glob, mock_secret_from_file): 80 | mock_glob.side_effect = [["./a_path/a_file.txt"]] 81 | crypto_secret("a-secret", "a-namespace", "./a_dir", "some_file.txt") 82 | mock_glob.assert_called_once_with("./a_dir/*") 83 | mock_secret_from_file.assert_called_once_with( 84 | secret="a-secret", 85 | namespace="a-namespace", 86 | key="some_file.txt", 87 | filename="./a_path/a_file.txt", 88 | verbose=False, 89 | ) 90 | 91 | @patch("nephos.fabric.utils.secret_from_file") 92 | @patch("nephos.fabric.utils.glob") 93 | def test_crypto_secret_fail(self, mock_glob, mock_secret_from_file): 94 | mock_glob.side_effect = [[]] 95 | with pytest.raises(Exception): 96 | crypto_secret("a-secret", "a-namespace", "./a_dir", "some_file.txt") 97 | mock_glob.assert_called_once_with("./a_dir/*") 98 | mock_secret_from_file.assert_not_called() 99 | 100 | 101 | class TestGetPod: 102 | @patch("nephos.fabric.utils.Executer") 103 | @patch("nephos.fabric.utils.execute") 104 | def test_get_pod(self, mock_execute, mock_Executer): 105 | mock_execute.side_effect = [("a-pod", None)] 106 | get_pod("a-namespace", "a-release", "an-app") 107 | mock_execute.assert_called_once_with( 108 | 'kubectl get pods -n a-namespace -l "app=an-app,release=a-release" ' 109 | + '-o jsonpath="{.items[0].metadata.name}"', 110 | verbose=False, 111 | ) 112 | mock_Executer.assert_called_once_with( 113 | "a-pod", namespace="a-namespace", verbose=False 114 | ) 115 | 116 | @patch("nephos.fabric.utils.Executer") 117 | @patch("nephos.fabric.utils.execute") 118 | def test_get_pod_fail(self, mock_execute, mock_Executer): 119 | mock_execute.side_effect = [(None, "error")] 120 | with pytest.raises(ValueError): 121 | get_pod("a-namespace", "a-release", "an-app", verbose=True) 122 | mock_execute.assert_called_once_with( 123 | 'kubectl get pods -n a-namespace -l "app=an-app,release=a-release" ' 124 | + '-o jsonpath="{.items[0].metadata.name}"', 125 | verbose=True, 126 | ) 127 | mock_Executer.assert_not_called() 128 | -------------------------------------------------------------------------------- /tests/test_deploy.py: -------------------------------------------------------------------------------- 1 | from unittest.mock import call, patch 2 | 3 | from click.testing import CliRunner 4 | 5 | from nephos.deploy import cli 6 | 7 | RUNNER = CliRunner() 8 | 9 | 10 | def test_cli(): 11 | result = RUNNER.invoke(cli) 12 | assert result.exit_code == 0 13 | assert "Nephos helps you install Hyperledger Fabric on Kubernetes" in result.output 14 | 15 | 16 | @patch("nephos.deploy.runner_ca") 17 | @patch("nephos.deploy.load_config") 18 | def test_cert_auth(mock_load_config, mock_runner_ca): 19 | mock_load_config.side_effect = ["some-opts"] 20 | result = RUNNER.invoke(cli, ["--settings_file", "nephos_config.yaml", "cert-auth"]) 21 | mock_load_config.assert_called_once_with("nephos_config.yaml") 22 | mock_runner_ca.assert_called_once_with("some-opts", upgrade=False, verbose=False) 23 | assert result.exit_code == 0 24 | 25 | 26 | @patch("nephos.deploy.runner_composer") 27 | @patch("nephos.deploy.load_config") 28 | def test_composer(mock_load_config, mock_runner_composer): 29 | mock_load_config.side_effect = ["some-opts"] 30 | result = RUNNER.invoke(cli, ["--settings_file", "nephos_config.yaml", "composer"]) 31 | mock_load_config.assert_called_once_with("nephos_config.yaml") 32 | mock_runner_composer.assert_called_once_with( 33 | "some-opts", upgrade=False, verbose=False 34 | ) 35 | assert result.exit_code == 0 36 | 37 | 38 | @patch("nephos.deploy.runner_composer_up") 39 | @patch("nephos.deploy.load_config") 40 | def test_composer_up(mock_load_config, mock_runner_composer_up): 41 | mock_load_config.side_effect = ["some-opts"] 42 | result = RUNNER.invoke( 43 | cli, ["--settings_file", "nephos_config.yaml", "composer-up"] 44 | ) 45 | mock_load_config.assert_called_once_with("nephos_config.yaml") 46 | mock_runner_composer_up.assert_called_once_with("some-opts", verbose=False) 47 | assert result.exit_code == 0 48 | 49 | 50 | @patch("nephos.deploy.runner_crypto") 51 | @patch("nephos.deploy.load_config") 52 | def test_crypto(mock_load_config, mock_runner_crypto): 53 | mock_load_config.side_effect = ["some-opts"] 54 | result = RUNNER.invoke(cli, ["--settings_file", "nephos_config.yaml", "crypto"]) 55 | mock_load_config.assert_called_once_with("nephos_config.yaml") 56 | mock_runner_crypto.assert_called_once_with("some-opts", verbose=False) 57 | assert result.exit_code == 0 58 | 59 | 60 | @patch("nephos.deploy.runner_deploy") 61 | @patch("nephos.deploy.load_config") 62 | def test_deploy(mock_load_config, mock_runner_deploy): 63 | mock_load_config.side_effect = ["some-opts"] 64 | result = RUNNER.invoke(cli, ["--settings_file", "nephos_config.yaml", "deploy"]) 65 | mock_load_config.assert_called_once_with("nephos_config.yaml") 66 | mock_runner_deploy.assert_called_once_with( 67 | "some-opts", upgrade=False, verbose=False 68 | ) 69 | assert result.exit_code == 0 70 | 71 | 72 | @patch("nephos.deploy.runner_fabric") 73 | @patch("nephos.deploy.load_config") 74 | def test_fabric(mock_load_config, mock_runner_fabric): 75 | mock_load_config.side_effect = ["some-opts"] 76 | result = RUNNER.invoke(cli, ["--settings_file", "nephos_config.yaml", "fabric"]) 77 | mock_load_config.assert_called_once_with("nephos_config.yaml") 78 | mock_runner_fabric.assert_called_once_with( 79 | "some-opts", upgrade=False, verbose=False 80 | ) 81 | assert result.exit_code == 0 82 | 83 | 84 | @patch("nephos.deploy.runner_orderer") 85 | @patch("nephos.deploy.load_config") 86 | def test_orderer(mock_load_config, mock_runner_orderer): 87 | mock_load_config.side_effect = ["some-opts"] 88 | result = RUNNER.invoke(cli, ["--settings_file", "nephos_config.yaml", "orderer"]) 89 | mock_load_config.assert_called_once_with("nephos_config.yaml") 90 | mock_runner_orderer.assert_called_once_with( 91 | "some-opts", upgrade=False, verbose=False 92 | ) 93 | assert result.exit_code == 0 94 | 95 | 96 | @patch("nephos.deploy.runner_peer") 97 | @patch("nephos.deploy.load_config") 98 | def test_peer(mock_load_config, mock_runner_peer): 99 | mock_load_config.side_effect = ["some-opts"] 100 | result = RUNNER.invoke(cli, ["--settings_file", "nephos_config.yaml", "peer"]) 101 | mock_load_config.assert_called_once_with("nephos_config.yaml") 102 | mock_runner_peer.assert_called_once_with("some-opts", upgrade=False, verbose=False) 103 | assert result.exit_code == 0 104 | 105 | 106 | class TestSettings: 107 | @patch("nephos.deploy.print") 108 | @patch("nephos.deploy.load_config") 109 | def test_settings(self, mock_load_config, mock_print): 110 | mock_load_config.side_effect = ["some-opts"] 111 | result = RUNNER.invoke( 112 | cli, ["--settings_file", "nephos_config.yaml", "settings"] 113 | ) 114 | mock_load_config.assert_called_once_with("nephos_config.yaml") 115 | mock_print.assert_called_once_with("Settings successfully loaded...\n") 116 | assert result.exit_code == 0 117 | 118 | @patch("nephos.deploy.print") 119 | @patch("nephos.deploy.load_config") 120 | def test_settings_verbose(self, mock_load_config, mock_print): 121 | mock_load_config.side_effect = [{"key": "value"}] 122 | result = RUNNER.invoke( 123 | cli, ["-v", "--settings_file", "nephos_config.yaml", "settings"] 124 | ) 125 | mock_load_config.assert_called_once_with("nephos_config.yaml") 126 | mock_print.assert_has_calls( 127 | [ 128 | call("Settings successfully loaded...\n"), 129 | call('{\n "key": "value"\n}'), 130 | ] 131 | ) 132 | assert result.exit_code == 0 133 | -------------------------------------------------------------------------------- /tests/test_runners.py: -------------------------------------------------------------------------------- 1 | from copy import deepcopy 2 | from unittest.mock import call, patch 3 | 4 | 5 | from nephos.runners import ( 6 | runner_ca, 7 | runner_composer, 8 | runner_composer_up, 9 | runner_crypto, 10 | runner_deploy, 11 | runner_fabric, 12 | runner_orderer, 13 | runner_peer, 14 | ) 15 | 16 | 17 | class TestRunnerCa: 18 | OPTS = {"cas": {"a-ca": {}}} 19 | 20 | @patch("nephos.runners.setup_ca") 21 | @patch("nephos.runners.print") 22 | def test_runner_ca(self, mock_print, mock_setup_ca): 23 | opts = deepcopy(self.OPTS) 24 | runner_ca(opts, upgrade=False) 25 | mock_setup_ca.assert_called_once_with(opts, upgrade=False, verbose=False) 26 | mock_print.assert_not_called() 27 | 28 | @patch("nephos.runners.setup_ca") 29 | @patch("nephos.runners.print") 30 | def test_runner_ca_cryptogen(self, mock_print, mock_setup_ca): 31 | opts = deepcopy(self.OPTS) 32 | del opts["cas"]["a-ca"] 33 | runner_ca(opts, upgrade=False) 34 | mock_setup_ca.assert_not_called() 35 | mock_print.assert_called_once_with( 36 | "No CAs defined in Nephos settings, ignoring CA setup" 37 | ) 38 | 39 | 40 | class TestRunnerComposer: 41 | OPTS = "some-self.OPTS" 42 | 43 | @patch("nephos.runners.setup_admin") 44 | @patch("nephos.runners.install_network") 45 | @patch("nephos.runners.deploy_composer") 46 | def test_runner_composer( 47 | self, mock_deploy_composer, mock_install_network, mock_setup_admin 48 | ): 49 | runner_composer(self.OPTS, upgrade=False) 50 | mock_deploy_composer.assert_called_once_with( 51 | self.OPTS, upgrade=False, verbose=False 52 | ) 53 | mock_setup_admin.assert_called_once_with(self.OPTS, verbose=False) 54 | mock_install_network.assert_called_once_with(self.OPTS, verbose=False) 55 | 56 | 57 | class TestRunnerComposerUp: 58 | OPTS = "some-self.OPTS" 59 | 60 | @patch("nephos.runners.upgrade_network") 61 | def test_runner_composer_up(self, mock_upgrade_network): 62 | runner_composer_up(self.OPTS) 63 | mock_upgrade_network.assert_called_once_with(self.OPTS, verbose=False) 64 | 65 | 66 | class TestRunnerCrypto: 67 | OPTS = {"orderers": {"msp": "ord_MSP"}, "peers": {"msp": "peer_MSP"}} 68 | 69 | @patch("nephos.runners.setup_nodes") 70 | @patch("nephos.runners.genesis_block") 71 | @patch("nephos.runners.channel_tx") 72 | @patch("nephos.runners.admin_msp") 73 | def test_runner_crypto( 74 | self, mock_admin_msp, mock_channel_tx, mock_genesis_block, mock_setup_nodes 75 | ): 76 | runner_crypto(self.OPTS) 77 | mock_admin_msp.assert_has_calls( 78 | [ 79 | call(self.OPTS, "ord_MSP", verbose=False), 80 | call(self.OPTS, "peer_MSP", verbose=False), 81 | ] 82 | ) 83 | mock_genesis_block.assert_called_once_with(self.OPTS, verbose=False) 84 | mock_channel_tx.assert_called_once_with(self.OPTS, verbose=False) 85 | # Setup node MSPs 86 | mock_setup_nodes.assert_has_calls( 87 | [ 88 | call(self.OPTS, "orderer", verbose=False), 89 | call(self.OPTS, "peer", verbose=False), 90 | ] 91 | ) 92 | 93 | 94 | class TestRunnerDeploy: 95 | OPTS = "some-self.OPTS" 96 | 97 | @patch("nephos.runners.runner_fabric") 98 | @patch("nephos.runners.runner_composer") 99 | def test_runner_deploy(self, mock_runner_composer, mock_runner_fabric): 100 | runner_deploy(self.OPTS, upgrade=False) 101 | mock_runner_fabric.assert_called_once_with( 102 | self.OPTS, upgrade=False, verbose=False 103 | ) 104 | mock_runner_composer.assert_called_once_with( 105 | self.OPTS, upgrade=False, verbose=False 106 | ) 107 | 108 | 109 | class TestRunnerFabric: 110 | OPTS = "some-self.OPTS" 111 | 112 | @patch("nephos.runners.runner_peer") 113 | @patch("nephos.runners.runner_orderer") 114 | @patch("nephos.runners.runner_crypto") 115 | @patch("nephos.runners.runner_ca") 116 | def test_runner_fabric( 117 | self, mock_runner_ca, mock_runner_crypto, mock_runner_orderer, mock_runner_peer 118 | ): 119 | runner_fabric(self.OPTS, upgrade=False) 120 | mock_runner_ca.assert_called_once_with(self.OPTS, upgrade=False, verbose=False) 121 | mock_runner_crypto.assert_called_once_with(self.OPTS, verbose=False) 122 | mock_runner_orderer.assert_called_once_with( 123 | self.OPTS, upgrade=False, verbose=False 124 | ) 125 | mock_runner_peer.assert_called_once_with( 126 | self.OPTS, upgrade=False, verbose=False 127 | ) 128 | 129 | 130 | class TestRunnerOrderer: 131 | OPTS = "some-self.OPTS" 132 | 133 | @patch("nephos.runners.setup_ord") 134 | def test_runner_orderer(self, mock_setup_ord): 135 | runner_orderer(self.OPTS, upgrade=False) 136 | mock_setup_ord.assert_called_once_with(self.OPTS, upgrade=False, verbose=False) 137 | 138 | 139 | class TestRunnerPeer: 140 | OPTS = "some-self.OPTS" 141 | 142 | @patch("nephos.runners.setup_peer") 143 | @patch("nephos.runners.create_channel") 144 | def test_runner_peer(self, mock_setup_channel, mock_setup_peer): 145 | runner_peer(self.OPTS, upgrade=False) 146 | mock_setup_peer.assert_called_once_with(self.OPTS, upgrade=False, verbose=False) 147 | mock_setup_channel.assert_called_once_with(self.OPTS, verbose=False) 148 | -------------------------------------------------------------------------------- /travis_success.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | codecov --token=${CODECOV_TOKEN} 4 | 5 | NEPHOS_VERSION=$(cat setup.py | grep 'VERSION =' | awk '{print $3}') 6 | echo "Nephos version is $NEPHOS_VERSION" 7 | 8 | PACKAGE_PYPI=$(curl -s https://pypi.org/pypi/nephos/json | jq '.releases | keys[]' | grep ${NEPHOS_VERSION}) 9 | echo "On PyPI we have $PACKAGE_PYPI" 10 | 11 | if [[ ${PACKAGE_PYPI} ]] 12 | then 13 | echo "Package has already been uploaded to PyPI" 14 | else 15 | python setup.py upload 16 | fi 17 | 18 | if [[ ${TRAVIS_PULL_REQUEST} == "true" ]] 19 | then 20 | # Cosmic Ray (Mutation testing) 21 | pip install cosmic_ray 22 | cosmic-ray -v INFO init cosmic_ray_config.yaml my_session.sqlite 23 | cosmic-ray -v INFO exec my_session.sqlite 24 | cr-report my_session.sqlite | grep 'complete:' 25 | cr-report my_session.sqlite | grep 'survival rate:' 26 | fi 27 | --------------------------------------------------------------------------------