github.com/IBM-Blockchain/fabric-operator@v1.0.4/pkg/initializer/ca/config/db.go

github.com/IBM-Blockchain/fabric-operator@v1.0.4/pkg/initializer/ca/config/db.go (about)

     1  /*
     2   * Copyright contributors to the Hyperledger Fabric Operator project
     3   *
     4   * SPDX-License-Identifier: Apache-2.0
     5   *
     6   * Licensed under the Apache License, Version 2.0 (the "License");
     7   * you may not use this file except in compliance with the License.
     8   * You may obtain a copy of the License at:
     9   *
    10   * 	  http://www.apache.org/licenses/LICENSE-2.0
    11   *
    12   * Unless required by applicable law or agreed to in writing, software
    13   * distributed under the License is distributed on an "AS IS" BASIS,
    14   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    15   * See the License for the specific language governing permissions and
    16   * limitations under the License.
    17   */
    18  
    19  package config
    20  
    21  import (
    22  	"fmt"
    23  	"path/filepath"
    24  	"strings"
    25  
    26  	"github.com/IBM-Blockchain/fabric-operator/pkg/util"
    27  	"github.com/pkg/errors"
    28  )
    29  
    30  type DBType string
    31  
    32  var (
    33  	SQLLite  DBType = "sqlite3"
    34  	Postgres DBType = "postgres"
    35  	MySQL    DBType = "mysql"
    36  )
    37  
    38  func (c *Config) ParseDBBlock() (map[string][]byte, error) {
    39  	dbType := c.ServerConfig.CAConfig.DB.Type
    40  
    41  	// Default to sqlite
    42  	if dbType == "" {
    43  		dbType = "sqlite3"
    44  	}
    45  
    46  	switch DBType(strings.ToLower(dbType)) {
    47  	case SQLLite:
    48  		// SQLite generated by operator during initilization is temporary.
    49  		// The purpose of initilization is to generate crypto not for user data persistence.
    50  		// Using a temporary path suffices for the purpose of sqlite based initilization.
    51  		c.ServerConfig.CAConfig.DB.Datasource = "/tmp/db/ca.db"
    52  		err := util.EnsureDir(filepath.Dir(c.ServerConfig.CAConfig.DB.Datasource))
    53  		if err != nil {
    54  			return nil, err
    55  		}
    56  
    57  		return nil, nil
    58  	case Postgres:
    59  		if !c.ServerConfig.CAConfig.DB.TLS.IsEnabled() {
    60  			return nil, nil
    61  		}
    62  
    63  		datasource := c.ServerConfig.CAConfig.DB.Datasource
    64  		if datasource == "" {
    65  			return nil, errors.Errorf("no datasource string specified for postgres")
    66  		}
    67  
    68  		if !IsValidPostgressDatasource(datasource) {
    69  			return nil, errors.Errorf("datasource for postgres is not valid")
    70  		}
    71  
    72  		if c.dbCrypto == nil {
    73  			c.dbCrypto = map[string][]byte{}
    74  		}
    75  
    76  		log.Info("Parsing DB block for Postgres database")
    77  		certFiles := c.ServerConfig.CAConfig.DB.TLS.CertFiles
    78  		for index, certFile := range certFiles {
    79  			err := c.HandleCertInput(certFile, fmt.Sprintf("db-certfile%d.pem", index), c.dbCrypto)
    80  			if err != nil {
    81  				return nil, err
    82  			}
    83  			certFiles[index] = filepath.Join(c.HomeDir, fmt.Sprintf("db-certfile%d.pem", index))
    84  		}
    85  		c.ServerConfig.CAConfig.DB.TLS.CertFiles = certFiles
    86  
    87  		certFile := c.ServerConfig.CAConfig.DB.TLS.Client.CertFile
    88  		keyFile := c.ServerConfig.CAConfig.DB.TLS.Client.KeyFile
    89  		if certFile != "" && keyFile != "" {
    90  			log.Info("Client authentication information provided for database connection")
    91  			err := c.HandleCertInput(certFile, "db-cert.pem", c.dbCrypto)
    92  			if err != nil {
    93  				return nil, err
    94  			}
    95  			c.ServerConfig.CAConfig.DB.TLS.Client.CertFile = filepath.Join(c.HomeDir, "db-cert.pem")
    96  
    97  			err = c.HandleKeyInput(keyFile, "db-key.pem", c.dbCrypto)
    98  			if err != nil {
    99  				return nil, err
   100  			}
   101  			c.ServerConfig.CAConfig.DB.TLS.Client.KeyFile = filepath.Join(c.HomeDir, "db-key.pem")
   102  		}
   103  
   104  		return c.dbCrypto, nil
   105  	case MySQL:
   106  		return nil, errors.New("MySQL is not supported")
   107  	}
   108  
   109  	return nil, errors.Errorf("database type '%s' is not supported", dbType)
   110  }
   111  
   112  func (c *Config) DBMountPath() {
   113  	certFile := c.ServerConfig.CAConfig.DB.TLS.Client.CertFile
   114  	keyFile := c.ServerConfig.CAConfig.DB.TLS.Client.KeyFile
   115  
   116  	if certFile != "" && keyFile != "" {
   117  		c.ServerConfig.CAConfig.DB.TLS.Client.CertFile = filepath.Join(c.MountPath, "db-cert.pem")
   118  		c.ServerConfig.CAConfig.DB.TLS.Client.KeyFile = filepath.Join(c.MountPath, "db-key.pem")
   119  	}
   120  
   121  	certFiles := c.ServerConfig.CAConfig.DB.TLS.CertFiles
   122  	for index, _ := range certFiles {
   123  		certFiles[index] = filepath.Join(c.MountPath, fmt.Sprintf("db-certfile%d.pem", index))
   124  	}
   125  	c.ServerConfig.CAConfig.DB.TLS.CertFiles = certFiles
   126  
   127  	dbType := c.ServerConfig.CAConfig.DB.Type
   128  	if DBType(strings.ToLower(dbType)) == SQLLite {
   129  		if c.SqlitePath != "" {
   130  			c.ServerConfig.CAConfig.DB.Datasource = c.SqlitePath
   131  		} else {
   132  			c.ServerConfig.CAConfig.DB.Datasource = "/data/db/ca.db"
   133  		}
   134  	}
   135  }