github.com/IBM-Blockchain/fabric-operator@v1.0.4/pkg/initializer/ca/config/operations.go (about)

     1  /*
     2   * Copyright contributors to the Hyperledger Fabric Operator project
     3   *
     4   * SPDX-License-Identifier: Apache-2.0
     5   *
     6   * Licensed under the Apache License, Version 2.0 (the "License");
     7   * you may not use this file except in compliance with the License.
     8   * You may obtain a copy of the License at:
     9   *
    10   * 	  http://www.apache.org/licenses/LICENSE-2.0
    11   *
    12   * Unless required by applicable law or agreed to in writing, software
    13   * distributed under the License is distributed on an "AS IS" BASIS,
    14   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    15   * See the License for the specific language governing permissions and
    16   * limitations under the License.
    17   */
    18  
    19  package config
    20  
    21  import (
    22  	"fmt"
    23  	"path/filepath"
    24  )
    25  
    26  func (c *Config) ParseOperationsBlock() (map[string][]byte, error) {
    27  	if !c.ServerConfig.Operations.TLS.IsEnabled() {
    28  		log.Info("TLS disabled for Operations endpoint")
    29  		return nil, nil
    30  	}
    31  
    32  	log.Info("Parsing Operations block")
    33  	certFile := c.ServerConfig.Operations.TLS.CertFile
    34  	keyFile := c.ServerConfig.Operations.TLS.KeyFile
    35  
    36  	// Values for both TLS certfile and keyfile required for Operations configuration.
    37  	// TLS key look up is not supported via BCCSP
    38  	err := ValidCryptoInput(certFile, keyFile)
    39  	if err != nil {
    40  		return nil, err
    41  	}
    42  
    43  	if c.operationsCrypto == nil {
    44  		c.operationsCrypto = map[string][]byte{}
    45  	}
    46  
    47  	err = c.HandleCertInput(certFile, "operations-cert.pem", c.operationsCrypto)
    48  	if err != nil {
    49  		return nil, err
    50  	}
    51  	c.ServerConfig.Operations.TLS.CertFile = filepath.Join(c.HomeDir, "operations-cert.pem")
    52  
    53  	err = c.HandleKeyInput(keyFile, "operations-key.pem", c.operationsCrypto)
    54  	if err != nil {
    55  		return nil, err
    56  	}
    57  	c.ServerConfig.Operations.TLS.KeyFile = filepath.Join(c.HomeDir, "operations-key.pem")
    58  
    59  	certFiles := c.ServerConfig.Operations.TLS.ClientCACertFiles
    60  	for index, certFile := range certFiles {
    61  		err = c.HandleCertInput(certFile, fmt.Sprintf("operations-certfile%d.pem", index), c.operationsCrypto)
    62  		if err != nil {
    63  			return nil, err
    64  		}
    65  		certFiles[index] = filepath.Join(c.HomeDir, fmt.Sprintf("operations-certfile%d.pem", index))
    66  	}
    67  	c.ServerConfig.Operations.TLS.ClientCACertFiles = certFiles
    68  
    69  	return c.operationsCrypto, nil
    70  }
    71  
    72  func (c *Config) OperationsMountPath() {
    73  	c.ServerConfig.Operations.TLS.CertFile = filepath.Join(c.MountPath, "operations-cert.pem")
    74  	c.ServerConfig.Operations.TLS.KeyFile = filepath.Join(c.MountPath, "operations-key.pem")
    75  
    76  	certFiles := c.ServerConfig.Operations.TLS.ClientCACertFiles
    77  	for index, _ := range certFiles {
    78  		certFiles[index] = filepath.Join(c.MountPath, fmt.Sprintf("operations-certfile%d.pem", index))
    79  	}
    80  	c.ServerConfig.Operations.TLS.ClientCACertFiles = certFiles
    81  }