Add getChaincode and update-channel-config

pull/139/head
Baohua Yang 2021-05-11 13:53:08 -07:00
parent 1db53d16bc
commit 6a3193ae82
2 changed files with 271 additions and 0 deletions

View File

@ -0,0 +1,62 @@
#!/bin/bash
# Fetch a config block and decode it
setupChaincode() {
local channel=$1
local peerAddresses=$2
local tlsca_file=$3
peer chaincode instantiate \
-o "dhnodeouf5-bcsnativepreprod-iad.blockchain.ocp.oc-test.com:20003" \
-C ${channel} \
-n "exp02" \
-v "v1" \
-c '{"Args":["init","a","100","b","200"]}' \
-P "OR ('dhnodeOUf5.peer','dhnodeOUf6.peer')" \
--tls \
--cafile ${tlsca_file} \
--peerAddresses ${peerAddresses} \
--tlsRootCertFiles ${tlsca_file}
}
# getInstantiatedChaincode get the instantiated chaincode information
# Usage: getInstantiatedChaincode channel peer-addresses
getInstantiatedChaincode() {
local channel=$1
local peerAddresses=$2
local tlsca_file=$3
peer chaincode query \
--connTimeout 10s \
--channelID ${channel} \
-n "lscc" \
-c '{"Args":["getccdata","default","c040953"]}' \
--tls \
--peerAddresses ${peerAddresses} \
--tlsRootCertFiles ${tlsca_file}
}
if [ $# -eq 0 ]; then
echo "Please use the <mspId> <channel> <ordererURL> as the argument"
exit
fi
msp_id=$1
channel=$2
peerAddresses=$3
echo "msp_id=${msp_id}"
echo "channel=${channel}"
echo "peerAddresses=${peerAddresses}"
msp_path=${PWD}/msp-${msp_id} # Suppose the local msp path named as msp-${msp_id}
export FABRIC_LOGGING_SPEC="debug"
export CORE_PEER_LOCALMSPID=${msp_id}
#export CORE_PEER_ADDRESS=${peerAddresses}
export CORE_PEER_MSPCONFIGPATH=${msp_path}
export CORE_PEER_TLS_ROOTCERT_FILE=${msp_path}/tlscacerts/tlsca.cert
export CORE_PEER_TLS_ENABLED=true
setupChaincode ${channel} ${peerAddresses} ${msp_path}/tlscacerts/tlsca.cert
#getInstantiatedChaincode ${channel} ${peerAddresses} ${msp_path}/tlscacerts/tlsca.cert

View File

@ -0,0 +1,209 @@
#!/bin/bash
# This script will fix every channel's orderer admin policy from implicit to signature based.
# It should be part of the migration tool
# Usage: TODO
# The commit 787b82fa80cb0a85f352384fa2ac51d5fbbc41e9 has changed the policy as:
#Admins:
# Type: ImplicitMeta
# Rule: "MAJORITY Admins"
#-->
#Admins:
# Type: Signature
# Rule: "OR('{{.ORGNAME}}.admin')"
# However, there are still instances with 19.3.5 created with the old policies. The script will fix those instances.
# configtxlator encode json to pb
# Usage: configtxlatorEncode msgType input output
configtxlatorEncode() {
msgType=$1
input=$2
output=$3
echo "Encode $input --> $output using type $msgType"
configtxlator proto_encode \
--type=${msgType} \
--input=${input} \
--output=${output}
}
# configtxlator decode pb to json
# Usage: configtxlatorEncode msgType input output
configtxlatorDecode() {
msgType=$1
input=$2
output=$3
echo "Config Decode $input --> $output using type $msgType"
if [ ! -f $input ]; then
echo "input file not found"
exit 1
fi
configtxlator proto_decode \
--type=${msgType} \
--input=${input} \
--output=${output}
}
# compute diff between two pb
# Usage: configtxlatorCompare channel origin updated output
configtxlatorCompare() {
channel=$1
origin=$2
updated=$3
output=$4
echo "Config Compare $origin vs $updated > ${output} in channel $channel"
if [ ! -f $origin ] || [ ! -f $updated ]; then
echo "input file not found"
exit 1
fi
configtxlator compute_update \
--original=${origin} \
--updated=${updated} \
--channel_id=${channel} \
--output=${output}
[ $? -eq 0 ] || echo "Failed to compute config update"
}
# fetch the latest config block from channel and save as file
# Usage: fetchConfig channel msp_path ordererURL block_file_to_save
fetchConfig() {
CHANNEL=$1
MSP_PATH=$2
orderer_url=$3
BLOCK_FILE=$4
peer channel fetch config ${BLOCK_FILE} \
--connTimeout 10s \
-c ${CHANNEL} \
-o ${orderer_url} \
--tls \
--cafile ${MSP_PATH}/tlscacerts/tlsca.cert
}
# update a channel's config
# Usage: updateConfig channel msp_path ordererURL config_update_jq_kv
updateConfig() {
CHANNEL=$1
MSP_PATH=$2
orderer_url=$3
CFG_UPDATE_KV="$4"
BLOCK_FILE=${CHANNEL}_config.block
ORIGINAL_CFG_JSON=${CHANNEL}_origin_cfg.json
ORIGINAL_CFG_PB=${CHANNEL}_origin_cfg.pb
UPDATED_CFG_JSON=${CHANNEL}_updated_cfg.json
UPDATED_CFG_PB=${CHANNEL}_updated_cfg.pb
CFG_DELTA_JSON=${CHANNEL}_delta_cfg.json
CFG_DELTA_PB=${CHANNEL}_delta_cfg.pb
CFG_DELTA_ENV_JSON=${CHANNEL}_delta_env.json
CFG_DELTA_ENV_PB=${CHANNEL}_delta_env.pb
PAYLOAD_CFG_PATH=".data.data[0].payload.data.config"
echo "===Fetching config block for channel ${CHANNEL}==="
fetchConfig ${CHANNEL} ${MSP_PATH} ${orderer_url} ${BLOCK_FILE}
echo "Decode config block for channel ${CHANNEL}"
configtxlatorDecode "common.Block" ${BLOCK_FILE} ${BLOCK_FILE}.json
jq "${PAYLOAD_CFG_PATH}" ${BLOCK_FILE}.json >${ORIGINAL_CFG_JSON}
jq . ${ORIGINAL_CFG_JSON} >/dev/null
[ $? -ne 0 ] && {
echo "${ORIGINAL_CFG_JSON} is invalid"
exit
}
# Check whether it has the key .channel_group.groups.Orderer.policies.Admins.policy.value.identities[0].principal.msp_identifier
if jq -e '.channel_group.groups.Orderer.policies.Admins.policy.value.identities[0].principal | has("msp_identifier")' ${ORIGINAL_CFG_JSON} > /dev/null; then
echo "The channel is updated, no need to take further action"
return
fi
echo "Generate the pb with original config"
configtxlatorEncode "common.Config" ${ORIGINAL_CFG_JSON} ${ORIGINAL_CFG_PB}
echo "Generate the updated config"
jq "${CFG_UPDATE_KV}" ${ORIGINAL_CFG_JSON} >${UPDATED_CFG_JSON}
jq . ${UPDATED_CFG_JSON} > /dev/null
[ $? -ne 0 ] && {
echo "${UPDATED_CFG_JSON} is invalid" && exit 1
}
echo "Generate the updated pb with updated config"
configtxlatorEncode "common.Config" ${UPDATED_CFG_JSON} ${UPDATED_CFG_PB}
echo "Calculate the config delta between pb files"
configtxlatorCompare ${CHANNEL} ${ORIGINAL_CFG_PB} ${UPDATED_CFG_PB} ${CFG_DELTA_PB}
echo "Decode the config delta pb into json"
configtxlatorDecode "common.ConfigUpdate" ${CFG_DELTA_PB} ${CFG_DELTA_JSON}
jq . ${CFG_DELTA_JSON} >/dev/null
[ $? -ne 0 ] && {
echo "${CFG_DELTA_JSON} is invalid" && exit 1
}
echo "Wrap the config update as envelope"
echo '{"payload":{"header":{"channel_header":{"channel_id":"'"$CHANNEL"'", "type":2}},"data":{"config_update":'$(cat ${CFG_DELTA_JSON})'}}}' | jq . >${CFG_DELTA_ENV_JSON}
echo "Encode the config update envelope into pb"
configtxlatorEncode "common.Envelope" ${CFG_DELTA_ENV_JSON} ${CFG_DELTA_ENV_PB}
echo "Sign the config update transaction"
peer channel signconfigtx -f ${CFG_DELTA_ENV_PB}
echo "Sending the config update tx to channel ${CHANNEL}"
peer channel update \
-c ${CHANNEL} \
-o ${orderer_url} \
-f ${CFG_DELTA_ENV_PB} \
--tls \
--cafile ${MSP_PATH}/tlscacerts/tlsca.cert
echo "Rechecking the kv with channel ${CHANNEL}"
fetchConfig ${CHANNEL} ${MSP_PATH} ${orderer_url} ${BLOCK_FILE}_new
echo "Decode new config block for channel ${CHANNEL}"
configtxlatorDecode "common.Block" ${BLOCK_FILE}_new ${BLOCK_FILE}_new.json
jq "${PAYLOAD_CFG_PATH}" ${BLOCK_FILE}_new.json >${ORIGINAL_CFG_JSON}_new
# Check whether it has the key .channel_group.groups.Orderer.policies.Admins.policy.value.identities[0].principal.msp_identifier
if jq -e '.channel_group.groups.Orderer.policies.Admins.policy.value.identities[0].principal | has("msp_identifier")' ${ORIGINAL_CFG_JSON}_new > /dev/null; then
echo "The channel is updated successfully"
return
fi
}
# Entrypoint
msp_id=$1
channel=$2
orderer_url=$3
founder=$4
msp_path=${PWD}/msp-${msp_id} # Suppose the msp path named as msp-${msp_id}
export FABRIC_LOGGING_SPEC="error"
export CORE_PEER_LOCALMSPID=${msp_id}
export CORE_PEER_MSPCONFIGPATH=${msp_path}
export CORE_PEER_TLS_ROOTCERT_FILE=${msp_path}/tlscacerts/tlsca.cert
#CFG_UPDATE_KEY=".data.data[0].payload.data.config.channel_group.groups.Orderer.values.ConsensusType.value.metadata.options.election_tick"
#CFG_UPDATE_KV=".channel_group.groups.Orderer.policies.Admins.policy=$(jsonDump "$founder")"
CFG_UPDATE_KV='.channel_group.groups.Orderer.policies.Admins.policy={"type":1,"value":{"identities":[{"principal":{"msp_identifier":"'"$founder"'","role":"ADMIN"},"principal_classification":"ROLE"}],"rule":{"n_out_of":{"n":1,"rules":[{"signed_by":0}]}},"version":0}}'
#CFG_UPDATE_KV='.channel_group.groups.Orderer.values.ConsensusType.value.metadata.options.heartbeat_tick=10"
#CFG_UPDATE_KEY=".data.data[0].payload.data.config.channel_group.groups.Orderer.values.ConsensusType.value.metadata.options.heartbeat_tick"
#CFG_UPDATE_VALUE=10
updateConfig $channel ${msp_path} ${orderer_url} ${CFG_UPDATE_KV}
exit 0