github.com/IBM-Blockchain/fabric-operator@v1.0.4/pkg/initializer/common/enroller/factory.go (about)

     1  /*
     2   * Copyright contributors to the Hyperledger Fabric Operator project
     3   *
     4   * SPDX-License-Identifier: Apache-2.0
     5   *
     6   * Licensed under the Apache License, Version 2.0 (the "License");
     7   * you may not use this file except in compliance with the License.
     8   * You may obtain a copy of the License at:
     9   *
    10   * 	  http://www.apache.org/licenses/LICENSE-2.0
    11   *
    12   * Unless required by applicable law or agreed to in writing, software
    13   * distributed under the License is distributed on an "AS IS" BASIS,
    14   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    15   * See the License for the specific language governing permissions and
    16   * limitations under the License.
    17   */
    18  
    19  package enroller
    20  
    21  import (
    22  	current "github.com/IBM-Blockchain/fabric-operator/api/v1beta1"
    23  	"github.com/IBM-Blockchain/fabric-operator/pkg/initializer/common/config"
    24  	"github.com/IBM-Blockchain/fabric-operator/pkg/initializer/cryptogen"
    25  	"github.com/pkg/errors"
    26  	"k8s.io/apimachinery/pkg/runtime"
    27  
    28  	k8sclient "github.com/IBM-Blockchain/fabric-operator/pkg/k8s/controllerclient"
    29  )
    30  
    31  //go:generate counterfeiter -o mocks/cryptoinstance.go -fake-name CryptoInstance . CryptoInstance
    32  
// CryptoInstance is the view of a custom resource that Factory needs in order
// to decide which enroller implementation to build. It combines the Kubernetes
// runtime.Object contract with this package's Instance interface and adds the
// HSM-related queries.
type CryptoInstance interface {
	runtime.Object
	Instance

	// IsHSMEnabled is the first check Factory makes: a false result selects
	// the SW enroller, a true result selects one of the HSM enrollers.
	IsHSMEnabled() bool

	// UsingHSMProxy is consulted by Factory only when IsHSMEnabled is true;
	// a true result selects the HSM proxy enroller.
	UsingHSMProxy() bool

	// GetConfigOverride returns the instance's config override or an error.
	// NOTE(review): the concrete type behind interface{} is not visible in
	// this file; confirm against the implementations before asserting on it.
	GetConfigOverride() (interface{}, error)
}
    40  
// Factory selects and builds the certificate enroller for instance.
//
// Selection, in the order the checks run:
//   - instance.IsHSMEnabled() is false: the SW enroller, backed by a CA client
//     created with nil in the BCCSP argument position.
//   - HSM enabled and instance.UsingHSMProxy() is true: the HSM proxy enroller.
//   - HSM enabled without proxy: the HSM config is read through k8sClient; a
//     non-nil Daemon section selects the HSM daemon enroller, otherwise the
//     plain HSM enroller is used.
//
// The only error Factory returns itself is a wrapped failure from
// config.ReadHSMConfig. instance must be non-nil: its methods are called
// unconditionally.
//
// NOTE(review): the SW enroller is the fallback whenever IsHSMEnabled reports
// false, and the only trace of that choice is the "Using SW enroller" Info log
// line. Deployments that require HSM-backed keys should confirm the selected
// enroller from that log line (or enforce it upstream), since a mis-set
// instance spec does not produce an error here.
//
// NOTE(review): bytes is passed through to NewFabCAClient unchanged;
// presumably CA TLS certificate material - confirm against NewFabCAClient.
func Factory(enrollment *current.Enrollment, k8sClient k8sclient.Client, instance CryptoInstance, storagePath string, scheme *runtime.Scheme, bytes []byte, timeouts HSMEnrollJobTimeouts) (*Enroller, error) {
	// The SW client and enroller are built up front, before the HSM checks,
	// and are simply discarded on the HSM paths. The construction order is
	// kept as-is so any side effects of these constructors are unchanged.
	swClient := NewFabCAClient(enrollment, storagePath, nil, bytes)
	swEnroller := New(NewSWEnroller(swClient))

	if !instance.IsHSMEnabled() {
		log.Info("Using SW enroller")
		return swEnroller, nil
	}

	if instance.UsingHSMProxy() {
		log.Info("Using HSM Proxy enroller")
		provider := cryptogen.InitBCCSP(instance)
		proxyClient := NewFabCAClient(enrollment, storagePath, provider, bytes)
		return New(NewHSMProxyEnroller(proxyClient)), nil
	}

	// No proxy: the HSM config decides between the daemon-based enroller and
	// the plain HSM enroller.
	hsmConfig, err := config.ReadHSMConfig(k8sClient, instance)
	if err != nil {
		return nil, errors.Wrap(err, "failed to read HSM config")
	}

	provider := cryptogen.InitBCCSP(instance)
	hsmClient := NewFabCAClient(enrollment, storagePath, provider, bytes)

	if hsmConfig.Daemon == nil {
		log.Info("Using HSM enroller")
		return New(NewHSMEnroller(enrollment, instance, hsmClient, k8sClient, scheme, timeouts, hsmConfig)), nil
	}

	log.Info("Using HSM Daemon enroller")
	return New(NewHSMDaemonEnroller(enrollment, instance, hsmClient, k8sClient, scheme, timeouts, hsmConfig)), nil
}