Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(connector-corda): read privateKey from filesystem #1761

Merged
merged 2 commits into from
Jan 18, 2022
Merged

feat(connector-corda): read privateKey from filesystem #1761

merged 2 commits into from
Jan 18, 2022

Conversation

elenaizaguirre
Copy link
Contributor

Allow plugin-ledger-connector-corda to read privateKey from filesystem
instead of obtain it directly from corda-aio container

Relationed with #789

Signed-off-by: Elena Izaguirre e.izaguirre.equiza@accenture.com

@elenaizaguirre elenaizaguirre self-assigned this Jan 12, 2022
@elenaizaguirre elenaizaguirre removed the request for review from jonathan-m-hamilton January 12, 2022 17:18
@petermetz
Copy link
Contributor

@elenaizaguirre

Would something like this work (need to substitute the container ID variable)?

export CORDA_AIO_IMAGE_KEY=$(docker exec $CONTAINER_ID cat /etc/hyperledger/cactus/corda-aio-image.key)

then in the compose file you just use the environment variable as usual:

https://docs.docker.com/compose/environment-variables/#pass-environment-variables-to-containers

https://docs.docker.com/compose/environment-variables/#substitute-environment-variables-in-compose-files

And finally what I wanted to double check is the specific reason for using docker compose. Is it to simplify manual testing or are you somehow embedding the docker compose parts into a test case?

@petermetz petermetz added Corda enhancement New feature or request labels Jan 12, 2022
@elenaizaguirre elenaizaguirre force-pushed the corda-privkey-filesystem branch from a35b344 to 0274797 Compare January 13, 2022 12:21
@elenaizaguirre
Copy link
Contributor Author

@elenaizaguirre

Would something like this work (need to substitute the container ID variable)?

export CORDA_AIO_IMAGE_KEY=$(docker exec $CONTAINER_ID cat /etc/hyperledger/cactus/corda-aio-image.key)

then in the compose file you just use the environment variable as usual:

https://docs.docker.com/compose/environment-variables/#pass-environment-variables-to-containers

https://docs.docker.com/compose/environment-variables/#substitute-environment-variables-in-compose-files

And finally what I wanted to double check is the specific reason for using docker compose. Is it to simplify manual testing or are you somehow embedding the docker compose parts into a test case?

@petermetz

I am using docker compose because I think it improves the user experience by deploying all containers with a single command, but I'm having a lot of problems because of it.

If you want to see what I am doing it is available in this branch.

Now I am not sure how to deal with this issue, I think there are three ways to do it:

  1. Forget docker compose and do it with independent containers

  2. Create the keys from the host and also send them to corda-aio as environment variables (we would have to modify the image so I don't think this is the best option).

  3. Merge this PR, I now have the key located inside the second container so it would not be a problem. I used your command to export the key to a host file and then pass it as a secret to the second container (it is not possible to do it in this case with environment variables because they are evaluated before starting the first container).

@elenaizaguirre elenaizaguirre force-pushed the corda-privkey-filesystem branch from 0274797 to e21245e Compare January 14, 2022 07:06
@petermetz petermetz requested review from izuru0 and takeutak January 14, 2022 21:40
petermetz
petermetz approved these changes Jan 14, 2022
View reviewed changes
Copy link
Contributor

@petermetz petermetz left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@elenaizaguirre Got it, thank you for explaining. I am definitely in favor of merging this PR so that option 3) becomes feasible ASAP and we can think about the rest of them later as well. Thank you for addressing my change requests.

@petermetz petermetz removed the request for review from jagpreetsinghsasan January 14, 2022 21:41
izuru0
izuru0 approved these changes Jan 17, 2022
View reviewed changes
Copy link
Contributor

@izuru0 izuru0 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@elenaizaguirre elenaizaguirre force-pushed the corda-privkey-filesystem branch from e21245e to e796b52 Compare January 17, 2022 07:11
@elenaizaguirre
feat(connector-corda): read privateKey from filesystem
4649e95 
Allow plugin-ledger-connector-corda to read privateKey from filesystem
instead of obtain it directly from corda-aiio container

Relationed with hyperledger-cacti#789

Signed-off-by: Elena Izaguirre <e.izaguirre.equiza@accenture.com>
@elenaizaguirre elenaizaguirre force-pushed the corda-privkey-filesystem branch from e796b52 to 4649e95 Compare January 17, 2022 16:17
@petermetz petermetz removed the request for review from takeutak January 18, 2022 00:27
@petermetz petermetz merged commit e7e39fd into hyperledger-cacti:main Jan 18, 2022
@petermetz petermetz deleted the corda-privkey-filesystem branch January 18, 2022 04:14
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jagpreetsinghsasan jagpreetsinghsasan jagpreetsinghsasan left review comments

@izuru0 izuru0 izuru0 approved these changes

@petermetz petermetz petermetz approved these changes

Assignees

@elenaizaguirre elenaizaguirre

Labels
Corda enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@elenaizaguirre @petermetz @jagpreetsinghsasan @izuru0