Skip to content

Commit

Permalink
Merge "External launch metadata uses PEM encoding"
Browse files Browse the repository at this point in the history
  • Loading branch information
@mastersingh24
mastersingh24 authored and Gerrit Code Review committed Nov 12, 2019
2 parents f4c7914 + f52af9a commit ce7aca8
Show file tree
Hide file tree
Showing 4 changed files with 23 additions and 24 deletions.
12 changes: 6 additions & 6 deletions core/container/externalbuilders/externalbuilders.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -381,9 +381,9 @@ func (b *Builder) Release(buildContext *BuildContext) error {
type RunConfig struct {
CCID string `json:"chaincode_id"`
PeerAddress string `json:"peer_address"`
ClientCert []byte `json:"client_cert"`
ClientKey []byte `json:"client_key"`
RootCert []byte `json:"root_cert"`
ClientCert string `json:"client_cert"` // PEM encoded client certifcate
ClientKey string `json:"client_key"` // PEM encoded client key
RootCert string `json:"root_cert"` // PEM encoded peer chaincode certificate
}

type RunStatus struct {
Expand Down Expand Up @@ -422,9 +422,9 @@ func (b *Builder) Run(ccid, bldDir string, peerConnection *ccintf.PeerConnection
}

if peerConnection.TLSConfig != nil {
lc.ClientCert = peerConnection.TLSConfig.ClientCert
lc.ClientKey = peerConnection.TLSConfig.ClientKey
lc.RootCert = peerConnection.TLSConfig.RootCert
lc.ClientCert = string(peerConnection.TLSConfig.ClientCert)
lc.ClientKey = string(peerConnection.TLSConfig.ClientKey)
lc.RootCert = string(peerConnection.TLSConfig.RootCert)
}

launchDir, err := ioutil.TempDir("", "fabric-run")
Expand Down
5 changes: 3 additions & 2 deletions core/container/externalbuilders/testdata/goodbuilder/bin/run
View file
Original file line number Diff line number Diff line change
@@ -1,11 +1,12 @@
#!/bin/bash

OUTPUT_JSON="$(jq -S . $2/chaincode.json)"
OUTPUT_JSON="$(jq -S . "$2/chaincode.json")"

EXPECTED_JSON="$(echo '{"chaincode_id":"test-ccid","peer_address":"fake-peer-address","client_cert":"ZmFrZS1jbGllbnQtY2VydA==","client_key":"ZmFrZS1jbGllbnQta2V5","root_cert":"ZmFrZS1yb290LWNlcnQ="}' | jq -S .)"
EXPECTED_JSON="$(echo '{"chaincode_id":"test-ccid","peer_address":"fake-peer-address","client_cert":"fake-client-cert","client_key":"fake-client-key","root_cert":"fake-root-cert"}' | jq -S .)"

if [ "$OUTPUT_JSON" = "$EXPECTED_JSON" ] ; then
exit 0
fi

echo "got $OUTPUT_JSON; want $EXPECTED_JSON"
exit 1
24 changes: 11 additions & 13 deletions integration/externalbuilders/binary/bin/run
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,21 +14,19 @@ fi
OUTPUT=$1
ARTIFACTS=$2

export CORE_CHAINCODE_ID_NAME="$(jq -r .chaincode_id $ARTIFACTS/chaincode.json)"
export CORE_TLS_CLIENT_CERT_PATH="$ARTIFACTS/client.crt"
export CORE_TLS_CLIENT_KEY_PATH="$ARTIFACTS/client.key"
# shellcheck disable=SC2155
export CORE_CHAINCODE_ID_NAME="$(jq -r .chaincode_id "$ARTIFACTS/chaincode.json")"
export CORE_PEER_TLS_ENABLED="true"
export CORE_TLS_CLIENT_CERT_FILE="$ARTIFACTS/client.crt"
export CORE_TLS_CLIENT_KEY_FILE="$ARTIFACTS/client.key"
export CORE_PEER_TLS_ROOTCERT_FILE="$ARTIFACTS/root.crt"

# Note, for strange historical reasons, the chaincode expects the cert and key
# to be base64 encoded, but not the root cert.
jq -r .client_cert $ARTIFACTS/chaincode.json > "$CORE_TLS_CLIENT_CERT_PATH"
jq -r .client_key $ARTIFACTS/chaincode.json > "$CORE_TLS_CLIENT_KEY_PATH"
jq -r .root_cert $ARTIFACTS/chaincode.json | base64 --decode > "$CORE_PEER_TLS_ROOTCERT_FILE"
jq -r .client_cert "$ARTIFACTS/chaincode.json" > "$CORE_TLS_CLIENT_CERT_FILE"
jq -r .client_key "$ARTIFACTS/chaincode.json" > "$CORE_TLS_CLIENT_KEY_FILE"
jq -r .root_cert "$ARTIFACTS/chaincode.json" > "$CORE_PEER_TLS_ROOTCERT_FILE"

if [ -z "$(cat $CORE_TLS_CLIENT_CERT_PATH)" ] ; then
export CORE_PEER_TLS_ENABLED=false
else
export CORE_PEER_TLS_ENABLED=true
if [ -z "$(jq -r .client_cert "$ARTIFACTS/chaincode.json")" ]; then
export CORE_PEER_TLS_ENABLED="false"
fi

exec "$OUTPUT/chaincode" -peer.address=$(jq -r .peer_address "$ARTIFACTS/chaincode.json")
exec "$OUTPUT/chaincode" -peer.address="$(jq -r .peer_address "$ARTIFACTS/chaincode.json")"
6 changes: 3 additions & 3 deletions integration/externalbuilders/golang/bin/run
View file
Original file line number Diff line number Diff line change
Expand Up @@ -21,9 +21,9 @@ export CORE_TLS_CLIENT_CERT_FILE="$ARTIFACTS/client.crt"
export CORE_TLS_CLIENT_KEY_FILE="$ARTIFACTS/client.key"
export CORE_PEER_TLS_ROOTCERT_FILE="$ARTIFACTS/root.crt"

jq -r .root_cert "$ARTIFACTS/chaincode.json" | base64 --decode > "$CORE_PEER_TLS_ROOTCERT_FILE"
jq -r .client_key "$ARTIFACTS/chaincode.json" | base64 --decode > "$CORE_TLS_CLIENT_KEY_FILE"
jq -r .client_cert "$ARTIFACTS/chaincode.json" | base64 --decode > "$CORE_TLS_CLIENT_CERT_FILE"
jq -r .client_cert "$ARTIFACTS/chaincode.json" > "$CORE_TLS_CLIENT_CERT_FILE"
jq -r .client_key "$ARTIFACTS/chaincode.json" > "$CORE_TLS_CLIENT_KEY_FILE"
jq -r .root_cert "$ARTIFACTS/chaincode.json" > "$CORE_PEER_TLS_ROOTCERT_FILE"

if [ -z "$(jq -r .client_cert "$ARTIFACTS/chaincode.json")" ]; then
export CORE_PEER_TLS_ENABLED="false"
Expand Down

0 comments on commit ce7aca8

Please sign in to comment.