github.com/IBM-Blockchain/fabric-operator@v1.0.4/pkg/offering/base/orderer/override/envcm.go

github.com/IBM-Blockchain/fabric-operator@v1.0.4/pkg/offering/base/orderer/override/envcm.go (about)

     1  /*
     2   * Copyright contributors to the Hyperledger Fabric Operator project
     3   *
     4   * SPDX-License-Identifier: Apache-2.0
     5   *
     6   * Licensed under the Apache License, Version 2.0 (the "License");
     7   * you may not use this file except in compliance with the License.
     8   * You may obtain a copy of the License at:
     9   *
    10   * 	  http://www.apache.org/licenses/LICENSE-2.0
    11   *
    12   * Unless required by applicable law or agreed to in writing, software
    13   * distributed under the License is distributed on an "AS IS" BASIS,
    14   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    15   * See the License for the specific language governing permissions and
    16   * limitations under the License.
    17   */
    18  
    19  package override
    20  
    21  import (
    22  	"errors"
    23  	"fmt"
    24  
    25  	current "github.com/IBM-Blockchain/fabric-operator/api/v1beta1"
    26  	"github.com/IBM-Blockchain/fabric-operator/pkg/manager/resources"
    27  	"github.com/IBM-Blockchain/fabric-operator/pkg/util"
    28  	"github.com/IBM-Blockchain/fabric-operator/version"
    29  	corev1 "k8s.io/api/core/v1"
    30  	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
    31  )
    32  
    33  func (o *Override) EnvCM(object v1.Object, cm *corev1.ConfigMap, action resources.Action, options map[string]interface{}) error {
    34  	instance := object.(*current.IBPOrderer)
    35  	switch action {
    36  	case resources.Create:
    37  		return o.CreateEnvCM(instance, cm)
    38  	case resources.Update:
    39  		return o.UpdateEnvCM(instance, cm)
    40  	}
    41  
    42  	return nil
    43  }
    44  
    45  func (o *Override) CreateEnvCM(instance *current.IBPOrderer, cm *corev1.ConfigMap) error {
    46  	genesisProfile := instance.Spec.GenesisProfile
    47  	if genesisProfile == "" {
    48  		genesisProfile = "Initial"
    49  	}
    50  	cm.Data["ORDERER_GENERAL_GENESISPROFILE"] = genesisProfile
    51  
    52  	mspID := instance.Spec.MSPID
    53  	if mspID == "" {
    54  		return errors.New("failed to provide MSP ID for orderer")
    55  	}
    56  	cm.Data["ORDERER_GENERAL_LOCALMSPID"] = mspID
    57  
    58  	if version.GetMajorReleaseVersion(instance.Spec.FabricVersion) == version.V2 {
    59  		if instance.Spec.IsUsingChannelLess() {
    60  			cm.Data["ORDERER_GENERAL_BOOTSTRAPMETHOD"] = "none"
    61  		} else {
    62  			cm.Data["ORDERER_GENERAL_BOOTSTRAPMETHOD"] = "file"
    63  			cm.Data["ORDERER_GENERAL_BOOTSTRAPFILE"] = "/certs/genesis/orderer.block"
    64  		}
    65  	} else {
    66  		cm.Data["ORDERER_GENERAL_GENESISMETHOD"] = "file"
    67  		cm.Data["ORDERER_GENERAL_GENESISFILE"] = "/certs/genesis/orderer.block"
    68  	}
    69  
    70  	intermediateExists := util.IntermediateSecretExists(o.Client, instance.Namespace, fmt.Sprintf("ecert-%s-intercerts", instance.Name)) &&
    71  		util.IntermediateSecretExists(o.Client, instance.Namespace, fmt.Sprintf("tls-%s-intercerts", instance.Name))
    72  	intercertPath := "/certs/msp/tlsintermediatecerts/intercert-0.pem"
    73  	if intermediateExists {
    74  		cm.Data["ORDERER_GENERAL_TLS_ROOTCAS"] = intercertPath
    75  		cm.Data["ORDERER_OPERATIONS_TLS_ROOTCAS"] = intercertPath
    76  		cm.Data["ORDERER_OPERATIONS_TLS_CLIENTROOTCAS"] = intercertPath
    77  		cm.Data["ORDERER_GENERAL_CLUSTER_ROOTCAS"] = intercertPath
    78  	}
    79  	// Add configs for 2.4.x
    80  	// Add default cert location for admin service
    81  	currentVer := version.String(instance.Spec.FabricVersion)
    82  	if currentVer.EqualWithoutTag(version.V2_4_1) || currentVer.GreaterThan(version.V2_4_1) {
    83  		// Enable Channel participation for 2.4.x orderers
    84  		cm.Data["ORDERER_CHANNELPARTICIPATION_ENABLED"] = "true"
    85  
    86  		cm.Data["ORDERER_ADMIN_TLS_ENABLED"] = "true"
    87  		cm.Data["ORDERER_ADMIN_TLS_CERTIFICATE"] = "/certs/tls/signcerts/cert.pem"
    88  		cm.Data["ORDERER_ADMIN_TLS_PRIVATEKEY"] = "/certs/tls/keystore/key.pem"
    89  		cm.Data["ORDERER_ADMIN_TLS_CLIENTAUTHREQUIRED"] = "true"
    90  		// override the default value 127.0.0.1:9443
    91  		cm.Data["ORDERER_ADMIN_LISTENADDRESS"] = "0.0.0.0:9443"
    92  		if intermediateExists {
    93  			// override intermediate cert paths for root and clientroot cas
    94  			cm.Data["ORDERER_ADMIN_TLS_ROOTCAS"] = intercertPath
    95  			cm.Data["ORDERER_ADMIN_TLS_CLIENTROOTCAS"] = intercertPath
    96  		} else {
    97  			cm.Data["ORDERER_ADMIN_TLS_ROOTCAS"] = "/certs/msp/tlscacerts/cacert-0.pem"
    98  			cm.Data["ORDERER_ADMIN_TLS_CLIENTROOTCAS"] = "/certs/msp/tlscacerts/cacert-0.pem"
    99  		}
   100  	}
   101  
   102  	return nil
   103  }
   104  
   105  func (o *Override) UpdateEnvCM(instance *current.IBPOrderer, cm *corev1.ConfigMap) error {
   106  	return nil
   107  }