From 8c905e2a5fd42c7ffa477b0ea7546a8372d6607b Mon Sep 17 00:00:00 2001
From: Tong Li
Date: Fri, 27 Jul 2018 22:13:31 -0400
Subject: [PATCH] [CE-422]fix ca private key renaming issue CE-418 introduced a bug. When composer is not configured, the code will also skip rename the ca private key which is not correct. This patch fixes that issue.
Change-Id: Id99678dbf21fc294002b4849f91efea4254125c8
Signed-off-by: Tong Li
---
 src/agent/ansible/entrypoint.sh | 2 +-
 .../roles/deploy_compose/certsetup/tasks/apply.yml | 12 ------------
 src/agent/ansible/roles/deploy_compose/plays.yml | 1 -
 .../deploy_k8s/fabricsetup/templates/fabric-pod.j2 | 2 +-
 src/agent/ansible/roles/deploy_k8s/plays.yml | 1 -
 src/agent/ansible/vars/bc1st.yml | 1 -
 src/agent/ansible/vars/bc2nd.yml | 1 +
 src/agent/ansible/vars/vb1st.yml | 1 -
 8 files changed, 3 insertions(+), 18 deletions(-)
 mode change 100644 => 100755 src/agent/ansible/entrypoint.sh
diff --git a/src/agent/ansible/entrypoint.sh b/src/agent/ansible/entrypoint.sh
old mode 100644
new mode 100755
index 8e2447262..5d515506e
--- a/src/agent/ansible/entrypoint.sh
+++ b/src/agent/ansible/entrypoint.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
 set -e
 eval `ssh-agent -s`
-ssh-add /opt/agent/vars/fd
+if [[ -f /opt/agent/vars/fd ]]; then ssh-add /opt/agent/vars/fd; fi
 exec "$@"
diff --git a/src/agent/ansible/roles/deploy_compose/certsetup/tasks/apply.yml b/src/agent/ansible/roles/deploy_compose/certsetup/tasks/apply.yml
index 0b84d54f9..23af66c80 100755
--- a/src/agent/ansible/roles/deploy_compose/certsetup/tasks/apply.yml
+++ b/src/agent/ansible/roles/deploy_compose/certsetup/tasks/apply.yml
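Review bot: In entrypoint.sh the new `[[ -f /opt/agent/vars/fd ]]` guard makes a missing key file silent: the container starts with an empty ssh-agent, and the first visible symptom is presumably an SSH authentication failure later in the run. Keeping the skip visible in the container log costs one branch, e.g. `if [[ -f /opt/agent/vars/fd ]]; then ssh-add /opt/agent/vars/fd; else echo "entrypoint: /opt/agent/vars/fd not found, no SSH key loaded" >&2; fi`. When the file does exist, `set -e` still aborts on a failed `ssh-add`, which is worth preserving so a key that cannot be loaded is not ignored as well.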
@@ -34,15 +34,11 @@ src: "{{ playbook_dir }}/../deploy_compose/certsetup/templates/connection.j2" dest: "{{ fabricworkdir }}/keyfiles/{{ item }}/connection.json" with_items: "{{ allorgs }}" - tags: "composer" - when: fabric.composer == true - name: Create endorsement policy file template: src: "{{ playbook_dir }}/../deploy_compose/certsetup/templates/policy.j2" dest: "{{ fabricworkdir }}/keyfiles/policy.json" - tags: "composer" - when: fabric.composer == true - name: Rename admin private key shell: >- @@ -50,8 +46,6 @@ args: chdir: "{{ fabricworkdir }}/keyfiles/{{ item }}/users/Admin@{{ item }}/msp/keystore" with_items: "{{ allorgs }}" - tags: "composer" - when: fabric.composer == true - name: Rename ca private key shell: >- @@ -59,8 +53,6 @@ args: chdir: "{{ fabricworkdir }}/keyfiles/{{ item }}/ca" with_items: "{{ allorgs }}" - tags: "composer" - when: fabric.composer == true - name: Rename ca tls private key shell: >- @@ -68,8 +60,6 @@ args: chdir: "{{ fabricworkdir }}/keyfiles/{{ item }}/tlsca" with_items: "{{ allorgs }}" - tags: "composer" - when: fabric.composer == true - name: Upload bna file copy: @@ -77,8 +67,6 @@ dest: "{{ fabricworkdir }}/keyfiles/" with_fileglob: - "{{ playbook_dir }}/../../secrets/networks/*.bna" - tags: "composer" - when: fabric.composer == true - name: Create core.yml file for every peer template: diff --git a/src/agent/ansible/roles/deploy_compose/plays.yml b/src/agent/ansible/roles/deploy_compose/plays.yml index 43245b314..aded0c3d1 100755 --- a/src/agent/ansible/roles/deploy_compose/plays.yml +++ b/src/agent/ansible/roles/deploy_compose/plays.yml @@ -38,5 +38,4 @@ - "./../../vars/{{ env }}.yml" tasks: - include_tasks: "composersetup/tasks/{{ mode }}.yml" - when: fabric.composer == true tags: "composersetup" diff --git a/src/agent/ansible/roles/deploy_k8s/fabricsetup/templates/fabric-pod.j2 b/src/agent/ansible/roles/deploy_k8s/fabricsetup/templates/fabric-pod.j2 index 23b349109..baa31de9b 100755 
--- a/src/agent/ansible/roles/deploy_k8s/fabricsetup/templates/fabric-pod.j2 +++ b/src/agent/ansible/roles/deploy_k8s/fabricsetup/templates/fabric-pod.j2 @@ -172,7 +172,7 @@ spec: imagePullPolicy: IfNotPresent {% endif %} env: - - { name: "FABRIC_CA_HOME", value: "/etc/hyperledger/fabric-ca-server-config//keyfiles/{{ ca.org }}/ca" } + - { name: "FABRIC_CA_HOME", value: "/etc/hyperledger/fabric-ca-server-config/keyfiles/{{ ca.org }}/ca" } - { name: "FABRIC_CA_SERVER_CA_NAME", value: "{{ ca.name}}" } - { name: "FABRIC_CA_SERVER_CA_KEYFILE", value: "/etc/hyperledger/fabric-ca-server-config/keyfiles/{{ ca.org }}/ca/ca_private.key" } - { name: "FABRIC_CA_SERVER_CA_CERTFILE", value: "/etc/hyperledger/fabric-ca-server-config/keyfiles/{{ ca.org }}/ca/ca.{{ ca.org }}-cert.pem" } diff --git a/src/agent/ansible/roles/deploy_k8s/plays.yml b/src/agent/ansible/roles/deploy_k8s/plays.yml index f880e1440..3ef6ef13e 100755 --- a/src/agent/ansible/roles/deploy_k8s/plays.yml +++ b/src/agent/ansible/roles/deploy_k8s/plays.yml @@ -42,5 +42,4 @@ - "./../../vars/{{ env }}.yml" tasks: - include_tasks: "composersetup/tasks/{{ mode }}.yml" - when: fabric.composer == true tags: "composersetup" diff --git a/src/agent/ansible/vars/bc1st.yml b/src/agent/ansible/vars/bc1st.yml index 24bf1910d..e497b52a9 100755 --- a/src/agent/ansible/vars/bc1st.yml +++ b/src/agent/ansible/vars/bc1st.yml @@ -19,7 +19,6 @@ fabric: { peer_db: "CouchDB", tls: false, generate_certs: true, - composer: false, logging_level: "ERROR", k8s: { exposeserviceport: False, diff --git a/src/agent/ansible/vars/bc2nd.yml b/src/agent/ansible/vars/bc2nd.yml index fe8d404a4..ce3f5a2dd 100755 --- a/src/agent/ansible/vars/bc2nd.yml +++ b/src/agent/ansible/vars/bc2nd.yml @@ -12,6 +12,7 @@ fabric: { ssh_user: "ubuntu", peer_db: "goleveldb", tls: true, + generate_certs: true, logging_level: "ERROR", k8s: { exposeserviceport: False, 
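Review bot: The `generate_certs: true` added to bc2nd.yml is not covered by the commit message, which only describes the CA private key rename, so a reader cannot tell why this environment needed the key. A sentence in the description, or a comment above the key stating what the flag controls, would document that. If tasks elsewhere read `fabric.generate_certs` directly (not visible here), any other vars file that lacks the key would hit an undefined variable, and reading it through a `default(...)` filter would avoid that. The enclosing `fabric: {` mapping starts and ends outside the hunk.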
diff --git a/src/agent/ansible/vars/vb1st.yml b/src/agent/ansible/vars/vb1st.yml
index d7bed632c..34f1ad394 100755
--- a/src/agent/ansible/vars/vb1st.yml
+++ b/src/agent/ansible/vars/vb1st.yml
@@ -19,7 +19,6 @@ fabric: {
 peer_db: "goleveldb",
 tls: false,
 generate_certs: true,
- composer: false,
 logging_level: "ERROR",
 k8s: {
 exposeserviceport: True,