Skip to content

Commit

Permalink
[CE-422]fix ca private key renaming issue
Browse files Browse the repository at this point in the history 
CE-418 introduced a bug. When composer is not configured, the
code will also skip rename the ca private key which is not
correct. This patch fixes that issue.

Change-Id: Id99678dbf21fc294002b4849f91efea4254125c8
Signed-off-by: Tong Li <litong01@us.ibm.com>
  • Loading branch information
Tong Li committed Jul 28, 2018
1 parent 7e17a27 commit 8c905e2
Show file tree
Hide file tree
Showing 8 changed files with 3 additions and 18 deletions.
2 changes: 1 addition & 1 deletion src/agent/ansible/entrypoint.sh
100644 → 100755
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
#!/bin/bash
set -e
eval `ssh-agent -s`
ssh-add /opt/agent/vars/fd
if [[ -f /opt/agent/vars/fd ]]; then ssh-add /opt/agent/vars/fd; fi
exec "$@"
12 changes: 0 additions & 12 deletions src/agent/ansible/roles/deploy_compose/certsetup/tasks/apply.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -34,51 +34,39 @@
src: "{{ playbook_dir }}/../deploy_compose/certsetup/templates/connection.j2"
dest: "{{ fabricworkdir }}/keyfiles/{{ item }}/connection.json"
with_items: "{{ allorgs }}"
tags: "composer"
when: fabric.composer == true

- name: Create endorsement policy file
template:
src: "{{ playbook_dir }}/../deploy_compose/certsetup/templates/policy.j2"
dest: "{{ fabricworkdir }}/keyfiles/policy.json"
tags: "composer"
when: fabric.composer == true

- name: Rename admin private key
shell: >-
ls *_sk | cat -n | while read n f; do mv "$f" "admin_private.key"; done
args:
chdir: "{{ fabricworkdir }}/keyfiles/{{ item }}/users/Admin@{{ item }}/msp/keystore"
with_items: "{{ allorgs }}"
tags: "composer"
when: fabric.composer == true

- name: Rename ca private key
shell: >-
ls *_sk|cat -n|while read n f; do mv "$f" "ca_private.key"; done
args:
chdir: "{{ fabricworkdir }}/keyfiles/{{ item }}/ca"
with_items: "{{ allorgs }}"
tags: "composer"
when: fabric.composer == true

- name: Rename ca tls private key
shell: >-
ls *_sk|cat -n|while read n f; do mv "$f" "tlsca_private.key"; done
args:
chdir: "{{ fabricworkdir }}/keyfiles/{{ item }}/tlsca"
with_items: "{{ allorgs }}"
tags: "composer"
when: fabric.composer == true

- name: Upload bna file
copy:
src: "{{ item }}"
dest: "{{ fabricworkdir }}/keyfiles/"
with_fileglob:
- "{{ playbook_dir }}/../../secrets/networks/*.bna"
tags: "composer"
when: fabric.composer == true

- name: Create core.yml file for every peer
template:
Expand Down
1 change: 0 additions & 1 deletion src/agent/ansible/roles/deploy_compose/plays.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -38,5 +38,4 @@
- "./../../vars/{{ env }}.yml"
tasks:
- include_tasks: "composersetup/tasks/{{ mode }}.yml"
when: fabric.composer == true
tags: "composersetup"
2 changes: 1 addition & 1 deletion src/agent/ansible/roles/deploy_k8s/fabricsetup/templates/fabric-pod.j2
View file
Original file line number Diff line number Diff line change
Expand Up @@ -172,7 +172,7 @@ spec:
imagePullPolicy: IfNotPresent
{% endif %}
env:
- { name: "FABRIC_CA_HOME", value: "/etc/hyperledger/fabric-ca-server-config//keyfiles/{{ ca.org }}/ca" }
- { name: "FABRIC_CA_HOME", value: "/etc/hyperledger/fabric-ca-server-config/keyfiles/{{ ca.org }}/ca" }
- { name: "FABRIC_CA_SERVER_CA_NAME", value: "{{ ca.name}}" }
- { name: "FABRIC_CA_SERVER_CA_KEYFILE", value: "/etc/hyperledger/fabric-ca-server-config/keyfiles/{{ ca.org }}/ca/ca_private.key" }
- { name: "FABRIC_CA_SERVER_CA_CERTFILE", value: "/etc/hyperledger/fabric-ca-server-config/keyfiles/{{ ca.org }}/ca/ca.{{ ca.org }}-cert.pem" }
Expand Down
1 change: 0 additions & 1 deletion src/agent/ansible/roles/deploy_k8s/plays.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -42,5 +42,4 @@
- "./../../vars/{{ env }}.yml"
tasks:
- include_tasks: "composersetup/tasks/{{ mode }}.yml"
when: fabric.composer == true
tags: "composersetup"
1 change: 0 additions & 1 deletion src/agent/ansible/vars/bc1st.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,6 @@ fabric: {
peer_db: "CouchDB",
tls: false,
generate_certs: true,
composer: false,
logging_level: "ERROR",
k8s: {
exposeserviceport: False,
Expand Down
1 change: 1 addition & 0 deletions src/agent/ansible/vars/bc2nd.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,7 @@ fabric: {
ssh_user: "ubuntu",
peer_db: "goleveldb",
tls: true,
generate_certs: true,
logging_level: "ERROR",
k8s: {
exposeserviceport: False,
Expand Down
1 change: 0 additions & 1 deletion src/agent/ansible/vars/vb1st.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,6 @@ fabric: {
peer_db: "goleveldb",
tls: false,
generate_certs: true,
composer: false,
logging_level: "ERROR",
k8s: {
exposeserviceport: True,
Expand Down

0 comments on commit 8c905e2

Please sign in to comment.