Extend types + revocation on CA (#227)

* Change requeue after to more time, to be more responsive in large environments Extend types to expose more kubernetes properties, specially in the chaincode. Add configurable policies to fabric main channel. Signed-off-by: David VIEJO <dviejo@kungfusoftware.es> * Add revoke * Upgrade docusaurus Signed-off-by: David VIEJO <dviejo@kungfusoftware.es> * Create new chaincode controllers Signed-off-by: David VIEJO <dviejo@kungfusoftware.es> * Add hlf_types for install/approve/commit Signed-off-by: David VIEJO <dviejo@kungfusoftware.es> * Implement chaincode install Signed-off-by: David VIEJO <dviejo@kungfusoftware.es> * implement install chaincode Signed-off-by: David VIEJO <dviejo@kungfusoftware.es> * Update Signed-off-by: David VIEJO <dviejo@kungfusoftware.es> * Update Signed-off-by: David VIEJO <dviejo@kungfusoftware.es> * Tmp ch install * Implement changes to 3.0 Signed-off-by: David VIEJO <dviejo@kungfusoftware.es> * Update mainchannel Signed-off-by: David VIEJO <dviejo@kungfusoftware.es> * update * Updates Signed-off-by: David VIEJO <dviejo@kungfusoftware.es> * checkpoint Signed-off-by: David VIEJO <dviejo@kungfusoftware.es> * Refactor main channel Signed-off-by: David VIEJO <dviejo@kungfusoftware.es> * Update Signed-off-by: David VIEJO <dviejo@kungfusoftware.es> * Add chaincodecrds cmd CLI Signed-off-by: David VIEJO <dviejo@kungfusoftware.es> * Fix codegen Signed-off-by: David VIEJO <dviejo@kungfusoftware.es> * Update controller-gen and upgrade libraries Signed-off-by: David VIEJO <dviejo@kungfusoftware.es> * Update go to 1.23.1 Signed-off-by: David VIEJO <dviejo@kungfusoftware.es> * Update controller-runtime Signed-off-by: David VIEJO <dviejo@kungfusoftware.es> * Update Signed-off-by: David VIEJO <dviejo@kungfusoftware.es> * Update Signed-off-by: David VIEJO <dviejo@kungfusoftware.es> * try to fix pipeline Signed-off-by: David VIEJO <dviejo@kungfusoftware.es> * Update workflow Signed-off-by: David VIEJO <dviejo@kungfusoftware.es> * Update Signed-off-by: David VIEJO <dviejo@kungfusoftware.es> * try to fix pipeline Signed-off-by: David VIEJO <dviejo@kungfusoftware.es> * Fix pipeline Signed-off-by: David VIEJO <dviejo@kungfusoftware.es> * Fix pipeline Signed-off-by: David VIEJO <dviejo@kungfusoftware.es> * fix mspFilterArray in case it's empty Signed-off-by: David VIEJO <dviejo@kungfusoftware.es> * Update goreleaser beta Signed-off-by: David VIEJO <dviejo@kungfusoftware.es> * Update the image Signed-off-by: David VIEJO <dviejo@kungfusoftware.es> * Update kubectl-hlf + timeout on followerchannel + mainchannel after failure Signed-off-by: David VIEJO <dviejo@kungfusoftware.es> * Change owner from hyperledger to hyperledger-bevel Signed-off-by: David VIEJO <dviejo@kungfusoftware.es> * Remove org2 from README.md Signed-off-by: David VIEJO <dviejo@kungfusoftware.es> * go.sum modification Signed-off-by: David VIEJO <dviejo@kungfusoftware.es> * fix test pipeline Signed-off-by: David VIEJO <dviejo@kungfusoftware.es> --------- Signed-off-by: David VIEJO <dviejo@kungfusoftware.es>
hyperledger-bevel · Oct 29, 2024 · 75b970b · 75b970b
1 parent d400c54
commit 75b970b
Show file tree

Hide file tree

Showing 407 changed files with 20,425 additions and 46,687 deletions.
diff --git a/.github/workflows/goreleaser-beta.yml b/.github/workflows/goreleaser-beta.yml
@@ -16,7 +16,7 @@ jobs:
       - name: Set up Go
         uses: actions/setup-go@v2
         with:
-          go-version: 1.21
+          go-version: 1.23
       -
         name: Docker Login
         uses: docker/login-action@v1
@@ -29,6 +29,6 @@ jobs:
         uses: goreleaser/goreleaser-action@v2
         with:
           version: latest
-          args: release --rm-dist
+          args: release
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.github/workflows/goreleaser.yml b/.github/workflows/goreleaser.yml
@@ -16,7 +16,7 @@ jobs:
       - name: Set up Go
         uses: actions/setup-go@v2
         with:
-          go-version: 1.21
+          go-version: 1.23
       -
         name: Docker Login
         uses: docker/login-action@v1

diff --git a/.github/workflows/release_web.yml b/.github/workflows/release_web.yml
@@ -0,0 +1,44 @@
+name: Deploy Docusaurus to GitHub Pages
+
+on:
+    push:
+        branches:
+            - main
+
+jobs:
+    deploy:
+        name: Deploy to GitHub Pages
+        runs-on: ubuntu-latest
+        steps:
+            - uses: actions/checkout@v3
+
+            - name: Setup Bun
+              uses: oven-sh/setup-bun@v1
+              with:
+                  bun-version: latest
+
+            - name: Cache dependencies
+              uses: actions/cache@v3
+              with:
+                  path: ~/.bun/install/cache
+                  key: ${{ runner.os }}-bun-${{ hashFiles('**/bun.lockb') }}
+                  restore-keys: |
+                      ${{ runner.os }}-bun-
+
+            - name: Install dependencies
+              run: |
+                  cd website-docs
+                  bun install
+
+            - name: Build Docusaurus website
+              run: |
+                  cd website-docs
+                  bun run build
+
+            - name: Deploy to GitHub Pages
+              uses: peaceiris/actions-gh-pages@v3
+              with:
+                  github_token: ${{ secrets.GITHUB_TOKEN }}
+                  publish_dir: ./website-docs/build
+                  user_name: 'github-actions[bot]'
+                  user_email: 'github-actions[bot]@users.noreply.github.com'
diff --git a/.github/workflows/test-kubectl-plugin.yml b/.github/workflows/test-kubectl-plugin.yml
@@ -8,7 +8,7 @@ jobs:
   kubectl-hlf:
     strategy:
       matrix:
-        go-version: [ 1.21.x ]
+        go-version: [ 1.23.x ]
         os: [ ubuntu-latest ]
     runs-on: ${{ matrix.os }}
     env:
@@ -33,27 +33,26 @@ jobs:
           cd kubectl-hlf
           go build -o kubectl-hlf ./main.go
           sudo mv kubectl-hlf /usr/local/bin/kubectl-hlf
-      - name: Build Docker Image
+
+      - name: Install operator CRDs deploy
+        run: |
+          go install sigs.k8s.io/controller-tools/cmd/controller-gen@v0.16.4
+          make generate manifests install
+      - name: Deploy the operator
         run: |
           export GOOS=linux
           export GOARCH=amd64
           export CGO_ENABLED=0
           go build -o hlf-operator ./main.go
           docker build -t "${IMAGE}:${TAG}" .
           kind load docker-image "${IMAGE}:${TAG}"
-      - name: Deploy operator
-        run: |
-          helm repo add kfs https://kfsoftware.github.io/hlf-helm-charts --force-update
-          helm install hlf-operator --version=1.10.0-beta2 kfs/hlf-operator --set image.repository="${IMAGE}" --set image.tag="${TAG}" --set image.pullPolicy="IfNotPresent"
+          make deploy IMG="${IMAGE}:${TAG}"
+
 
-      - name: Install operator CRDs
-        run: |
-          go install sigs.k8s.io/controller-tools/cmd/controller-gen@v0.14.0
-          make generate manifests install
       - name: Install Istio
         run: |
-          curl -L https://istio.io/downloadIstio | ISTIO_VERSION=1.20.0 TARGET_ARCH=x86_64 sh -
-          export PATH="$PATH:$PWD/istio-1.20.0/bin"
+          curl -L https://istio.io/downloadIstio | ISTIO_VERSION=1.23.2 TARGET_ARCH=x86_64 sh -
+          export PATH="$PATH:$PWD/istio-1.23.2/bin"
           kubectl create namespace istio-system
 
           istioctl operator init
@@ -123,7 +122,7 @@ jobs:
 
           sleep 2
 
-          kubectl wait --timeout=180s --for=jsonpath='{.status.status}'=HEALTHY istiooperator istio-gateway --namespace=istio-system
+          kubectl wait --timeout=240s --for=jsonpath='{.status.status}'=HEALTHY istiooperator istio-gateway --namespace=istio-system
 
       - name: Configure DNS in Kubernetes
         run: |
@@ -169,14 +168,14 @@ jobs:
       - name: Create Peer org
         run: |
           export PEER_IMAGE=hyperledger/fabric-peer
-          export PEER_VERSION=2.5.5
+          export PEER_VERSION=2.5.10
 
           export CA_IMAGE=hyperledger/fabric-ca
-          export CA_VERSION=1.5.7
+          export CA_VERSION=1.5.13
 
           kubectl hlf ca create --image=$CA_IMAGE --version=$CA_VERSION --storage-class=standard --capacity=2Gi --name=org1-ca \
               --enroll-id=enroll --hosts=org1-ca.localho.st --enroll-pw=enrollpw
-          kubectl wait --timeout=180s --for=condition=Running fabriccas.hlf.kungfusoftware.es --all    
+          kubectl wait --timeout=240s --for=condition=Running fabriccas.hlf.kungfusoftware.es --all    
 
           # register user for the peers
           kubectl hlf ca register --name=org1-ca --user=peer --secret=peerpw --type=peer \
@@ -186,26 +185,26 @@ jobs:
           kubectl hlf peer create --statedb=couchdb --image=$PEER_IMAGE --version=$PEER_VERSION \
                   --storage-class=standard --enroll-id=peer --mspid=Org1MSP \
                   --enroll-pw=peerpw --hosts=peer0-org1.localho.st --capacity=5Gi --name=org1-peer0 --ca-name=org1-ca.default
-          kubectl wait --timeout=180s --for=condition=Running fabricpeers.hlf.kungfusoftware.es --all
+          kubectl wait --timeout=240s --for=condition=Running fabricpeers.hlf.kungfusoftware.es --all
       - name: Create Orderer Org
         run: |
           export ORDERER_IMAGE=hyperledger/fabric-orderer
-          export ORDERER_VERSION=2.5.5
+          export ORDERER_VERSION=2.5.10
 
           export CA_IMAGE=hyperledger/fabric-ca
-          export CA_VERSION=1.5.7
+          export CA_VERSION=1.5.13
 
           kubectl hlf ca create --image=$CA_IMAGE --version=$CA_VERSION --storage-class=standard --capacity=2Gi --name=ord-ca \
               --enroll-id=enroll --enroll-pw=enrollpw --hosts=ord-ca.localho.st
 
-          kubectl wait --timeout=180s --for=condition=Running fabriccas.hlf.kungfusoftware.es --all
+          kubectl wait --timeout=240s --for=condition=Running fabriccas.hlf.kungfusoftware.es --all
           kubectl hlf ca register --name=ord-ca --user=orderer --secret=ordererpw \
               --type=orderer --enroll-id enroll --enroll-secret=enrollpw --mspid=OrdererMSP
 
           kubectl hlf ordnode create --image=$ORDERER_IMAGE --version=$ORDERER_VERSION \
               --storage-class=standard --enroll-id=orderer --mspid=OrdererMSP --hosts=orderer0-ord.localho.st --admin-hosts=admin-orderer0-ord.localho.st \
               --enroll-pw=ordererpw --capacity=2Gi --name=ord-node1 --ca-name=ord-ca.default
-          kubectl wait --timeout=180s --for=condition=Running fabricorderernodes.hlf.kungfusoftware.es --all
+          kubectl wait --timeout=240s --for=condition=Running fabricorderernodes.hlf.kungfusoftware.es --all
       - name: Prepare Connection string for Orderer Node
         run: |
           kubectl hlf inspect --output ordservice.yaml -o OrdererMSP
@@ -223,6 +222,8 @@ jobs:
           # enroll using the TLS CA
           kubectl hlf ca enroll --name=ord-ca --namespace=default --user=admin --secret=adminpw --mspid OrdererMSP \
                   --ca-name tlsca  --output admin-tls-ordservice.yaml 
+          kubectl hlf ca enroll --name=ord-ca --namespace=default --user=admin --secret=adminpw --mspid OrdererMSP \
+                  --ca-name ca  --output admin-sign-ordservice.yaml 
 
       - name: Prepare connection string for Peer
         run: |
@@ -241,24 +242,93 @@ jobs:
 
           kubectl create secret generic wallet --namespace=default \
                   --from-file=peer-org1.yaml=$PWD/peer-org1.yaml \
+                  --from-file=admin-sign-ordservice.yaml=$PWD/admin-sign-ordservice.yaml \
                   --from-file=admin-tls-ordservice.yaml=$PWD/admin-tls-ordservice.yaml
           kubectl get fabricorderernodes ord-node1 -o jsonpath='{.status.tlsCert}' > ./orderer-cert.pem
+          export IDENT_8=$(printf "%8s" "")
+          export ORDERER0_TLS_CERT=$(kubectl get fabricorderernodes ord-node1 -o=jsonpath='{.status.tlsCert}' | sed -e "s/^/${IDENT_8}/" )
+          kubectl apply -f - <<EOF
+          apiVersion: hlf.kungfusoftware.es/v1alpha1
+          kind: FabricMainChannel
+          metadata:
+            name: demo
+          spec:
+            name: demo
+            adminOrdererOrganizations:
+              - mspID: OrdererMSP
+            adminPeerOrganizations:
+              - mspID: Org1MSP
+            channelConfig:
+              application:
+                acls: null
+                capabilities:
+                  - V2_0
+                  - V2_5
+                policies: null
+              capabilities:
+                - V2_0
+              orderer:
+                batchSize:
+                  absoluteMaxBytes: 1048576
+                  maxMessageCount: 10
+                  preferredMaxBytes: 524288
+                batchTimeout: 2s
+                capabilities:
+                  - V2_0
+                etcdRaft:
+                  options:
+                    electionTick: 10
+                    heartbeatTick: 1
+                    maxInflightBlocks: 5
+                    snapshotIntervalSize: 16777216
+                    tickInterval: 500ms
+                ordererType: etcdraft
+                policies: null
+                state: STATE_NORMAL
+              policies: null
+            externalOrdererOrganizations: []
+            externalPeerOrganizations: []
+            peerOrganizations:
+              - mspID: Org1MSP
+                caName: "org1-ca"
+                caNamespace: "default"
+            identities:
+              OrdererMSP:
+                secretKey: admin-tls-ordservice.yaml
+                secretName: wallet
+                secretNamespace: default
+              OrdererMSP-tls:
+                secretKey: admin-tls-ordservice.yaml
+                secretName: wallet
+                secretNamespace: default
+              OrdererMSP-sign:
+                secretKey: admin-sign-ordservice.yaml
+                secretName: wallet
+                secretNamespace: default
+              Org1MSP:
+                secretKey: peer-org1.yaml
+                secretName: wallet
+                secretNamespace: default
+
+            ordererOrganizations:
+              - caName: "ord-ca"
+                caNamespace: "default"
+                externalOrderersToJoin:
+                  - host: ord-node1.default
+                    port: 7053
+                mspID: OrdererMSP
+                ordererEndpoints:
+                  - orderer0-ord.localho.st:443
+                orderersToJoin: []
+            orderers:
+              - host: orderer0-ord.localho.st
+                port: 443
+                tlsCert: |-
+          ${ORDERER0_TLS_CERT}
 
-          kubectl hlf channelcrd main create \
-              --channel-name=demo \
-              --name=demo \
-              --orderer-orgs=OrdererMSP \
-              --peer-orgs=Org1MSP \
-              --admin-orderer-orgs=OrdererMSP \
-              --admin-peer-orgs=Org1MSP \
-              --secret-name=wallet \
-              --secret-ns=default \
-              --consenters=orderer0-ord.localho.st:7050 \
-              --consenter-certificates=./orderer-cert.pem \
-              --identities="OrdererMSP;admin-tls-ordservice.yaml" \
-              --identities="Org1MSP;peer-org1.yaml"
+          EOF
 
-          kubectl wait --timeout=180s --for=condition=RUNNING fabricmainchannels.hlf.kungfusoftware.es --all 
+          kubectl wait --timeout=240s --for=condition=RUNNING fabricmainchannels.hlf.kungfusoftware.es --all 
 
 
       - name: Join peers to channel
@@ -276,7 +346,7 @@ jobs:
               --secret-ns=default \
               --secret-key="peer-org1.yaml"
 
-          kubectl wait --timeout=180s --for=condition=RUNNING fabricfollowerchannels.hlf.kungfusoftware.es --all
+          kubectl wait --timeout=240s --for=condition=RUNNING fabricfollowerchannels.hlf.kungfusoftware.es --all
       - name: Get channel
         run: |
           sleep 3
@@ -334,7 +404,7 @@ jobs:
         run: |
           sleep 10
           echo "waiting for deployment to be ready"
-          kubectl wait --timeout=180s --for=condition=Available deployment asset --namespace=default    
+          kubectl wait --timeout=240s --for=condition=Available deployment asset --namespace=default    
           kubectl hlf chaincode invoke --config=org1.yaml \
               --user=admin --peer=org1-peer0.default \
               --chaincode=asset --channel=demo \
@@ -358,7 +428,8 @@ jobs:
           kubectl get fabricmainchannels.hlf.kungfusoftware.es -A -o=custom-columns='NAME:metadata.name,NAMESPACE:metadata.namespace,STATE:status.status,MESSAGE:status.message'
           kubectl get fabricfollowerchannels.hlf.kungfusoftware.es -A -o=custom-columns='NAME:metadata.name,NAMESPACE:metadata.namespace,STATE:status.status,MESSAGE:status.message'
           kubectl get configmap coredns -n kube-system -o yaml
-
+          echo "Logs for hlf-operator deployment:"
+          kubectl logs -l app.kubernetes.io/name=hlf-operator -c manager --tail 2500 
           kubectl get fabricmainchannels  -o yaml
           kubectl get fabricfollowerchannels  -o yaml
 

diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
@@ -7,7 +7,7 @@ jobs:
   test:
     strategy:
       matrix:
-        go-version: [ 1.21.x ]
+        go-version: [ 1.23.1 ]
         os: [ ubuntu-latest ]
     runs-on: ${{ matrix.os }}
     steps:
@@ -26,7 +26,7 @@ jobs:
 
       - name: Install operator
         run: | 
-          go install sigs.k8s.io/controller-tools/cmd/controller-gen@v0.14.0
+          go install sigs.k8s.io/controller-tools/cmd/controller-gen@v0.16.4
           make generate manifests install
 
       - name: Test

diff --git a/.go-version b/.go-version
@@ -0,0 +1 @@
+1.23.1
diff --git a/.goreleaser.yml b/.goreleaser.yml
@@ -5,7 +5,7 @@ project_name: hlf-operator
 release:
   name_template: "Version {{.Version}}"
   github:
-    owner: hyperledger
+    owner: hyperledger-bevel
     name: bevel-operator-fabric
   extra_files:
     - glob: "*.minisig"

diff --git a/.krew.yaml b/.krew.yaml
@@ -4,7 +4,7 @@ metadata:
   name: hlf
 spec:
   version: "{{ .TagName }}"
-  homepage: https://github.com/hyperledger/bevel-operator-fabric
+  homepage: https://github.com/hyperledger-bevel/bevel-operator-fabric
   shortDescription: "Deploy and manage Hyperledger Fabric components"
   description: |
     The kubectl-hlf plugin wraps the HLF Operator and provides a simple
@@ -19,29 +19,29 @@ spec:
         matchLabels:
           os: darwin
           arch: amd64
-      {{addURIAndSha "https://github.com/hyperledger/bevel-operator-fabric/releases/download/{{ .TagName }}/hlf-operator_{{ .TagName }}_darwin_amd64.zip" .TagName | indent 6 }}
+      {{addURIAndSha "https://github.com/hyperledger-bevel/bevel-operator-fabric/releases/download/{{ .TagName }}/hlf-operator_{{ .TagName }}_darwin_amd64.zip" .TagName | indent 6 }}
       bin: kubectl-hlf
     - selector:
         matchLabels:
           os: darwin
           arch: arm64
-      {{addURIAndSha "https://github.com/hyperledger/bevel-operator-fabric/releases/download/{{ .TagName }}/hlf-operator_{{ .TagName }}_darwin_arm64.zip" .TagName | indent 6 }}
+      {{addURIAndSha "https://github.com/hyperledger-bevel/bevel-operator-fabric/releases/download/{{ .TagName }}/hlf-operator_{{ .TagName }}_darwin_arm64.zip" .TagName | indent 6 }}
       bin: kubectl-hlf
     - selector:
         matchLabels:
           os: linux
           arch: amd64
-      {{addURIAndSha "https://github.com/hyperledger/bevel-operator-fabric/releases/download/{{ .TagName }}/hlf-operator_{{ .TagName }}_linux_amd64.zip" .TagName | indent 6 }}
+      {{addURIAndSha "https://github.com/hyperledger-bevel/bevel-operator-fabric/releases/download/{{ .TagName }}/hlf-operator_{{ .TagName }}_linux_amd64.zip" .TagName | indent 6 }}
       bin: kubectl-hlf
     - selector:
         matchLabels:
           os: linux
           arch: arm64
-      {{addURIAndSha "https://github.com/hyperledger/bevel-operator-fabric/releases/download/{{ .TagName }}/hlf-operator_{{ .TagName }}_linux_arm64.zip" .TagName | indent 6 }}
+      {{addURIAndSha "https://github.com/hyperledger-bevel/bevel-operator-fabric/releases/download/{{ .TagName }}/hlf-operator_{{ .TagName }}_linux_arm64.zip" .TagName | indent 6 }}
       bin: kubectl-hlf
     - selector:
         matchLabels:
           os: windows
           arch: amd64
-      {{addURIAndSha "https://github.com/hyperledger/bevel-operator-fabric/releases/download/{{ .TagName }}/hlf-operator_{{ .TagName }}_windows_amd64.zip" .TagName | indent 6 }}
+      {{addURIAndSha "https://github.com/hyperledger-bevel/bevel-operator-fabric/releases/download/{{ .TagName }}/hlf-operator_{{ .TagName }}_windows_amd64.zip" .TagName | indent 6 }}
       bin: kubectl-hlf.exe