github.com/cactusblossom/fabric-ca@v0.0.0-20200611062428-0082fc643826/scripts/fvt/db_test.sh (about) 1 #!/bin/bash 2 # 3 # Copyright IBM Corp. All Rights Reserved. 4 # 5 # SPDX-License-Identifier: Apache-2.0 6 # 7 8 : ${TESTCASE:="db_resiliency"} 9 FABRIC_CA="$GOPATH/src/github.com/hyperledger/fabric-ca" 10 FABRIC_CAEXEC="$FABRIC_CA/bin/fabric-ca" 11 TESTDATA="$FABRIC_CA/testdata" 12 SCRIPTDIR="$FABRIC_CA/scripts/fvt" 13 . $SCRIPTDIR/fabric-ca_utils 14 HOST="http://localhost:$PROXY_PORT" 15 RC=0 16 17 export FABRIC_CA_SERVER_HOME="/tmp/$TESTCASE" 18 export CA_CFG_PATH="/tmp/$TESTCASE" 19 20 MYSQLSERVERCONFIG="$FABRIC_CA_SERVER_HOME/mysqlserverconfig.yaml" 21 MYSQLSERVERCONFIG2="$FABRIC_CA_SERVER_HOME/mysqlserverconfig2.yaml" 22 PGSQLSERVERCONFIG="$FABRIC_CA_SERVER_HOME/pgsqlserverconfig.yaml" 23 PGSQLSERVERCONFIG2="$FABRIC_CA_SERVER_HOME/pgsqlserverconfig2.yaml" 24 MSP="$FABRIC_CA_SERVER_HOME/msp" 25 SERVERCERT="$FABRIC_CA_SERVER_HOME/fabric-ca-cert.pem" 26 DBNAME="fabric_ca" 27 28 function cleanup { 29 rm $SERVERCERT 30 rm -rf $MSP 31 rm $SERVERLOG 32 } 33 34 function existingIdentity { 35 grep "Identity '$1' already registered, loaded identity" $2 &> /dev/null 36 if [ $? != 0 ]; then 37 ErrorMsg "Should have thrown an error inserting an already registered user" 38 else 39 echo -e "\t Test - Already registered identity message encountered: passed" 40 fi 41 } 42 43 function checkIdentity { 44 grep "Successfully added identity $1 to the database" $2 &> /dev/null 45 if [ $? != 0 ]; then 46 ErrorMsg "Identity should not already exist in database, and should have gotten added" 47 else 48 echo -e "\t Test - New identity added: passed" 49 fi 50 } 51 52 function existingAff { 53 grep "Affiliation '$1' already exists" $2 &> /dev/null 54 if [ $? != 0 ]; then 55 ErrorMsg "Should have thrown an error inserting an already existing affiliation" 56 else 57 echo -e "\t Test - Already existing affiliation message encountered: passed" 58 fi 59 } 60 61 function checkAff { 62 grep "Affiliation '$1' added" $2 &> /dev/null 63 if [ $? != 0 ]; then 64 ErrorMsg "Affiliation should not already exist in database, and should have gotten added" 65 else 66 echo -e "\t Test - New affiliation added: passed" 67 fi 68 } 69 70 function genConfig { 71 mkdir -p $FABRIC_CA_SERVER_HOME 72 # Create base configuration using mysql 73 cat > $MYSQLSERVERCONFIG <<EOF 74 debug: true 75 76 db: 77 type: mysql 78 datasource: root:mysql@tcp(localhost:$MYSQL_PORT)/fabric_ca 79 80 tls: 81 enabled: true 82 certfile: $TLS_SERVERCERT 83 keyfile: $TLS_SERVERKEY 84 85 registry: 86 # Maximum number of times a password/secret can be reused for enrollment 87 # (default: -1, which means there is no limit) 88 maxenrollments: -1 89 90 # Contains identity information which is used when LDAP is disabled 91 identities: 92 - name: a 93 pass: b 94 type: client 95 affiliation: "" 96 maxenrollments: -1 97 attrs: 98 hf.Registrar.Roles: "client,user,peer,validator,auditor" 99 hf.Registrar.DelegateRoles: "client,user,validator,auditor" 100 hf.Revoker: true 101 hf.IntermediateCA: true 102 103 affiliations: 104 org1: 105 - department1 106 - department2 107 org2: 108 - department1 109 EOF 110 111 # mysql configuration with two bootstrap users 112 cp $MYSQLSERVERCONFIG $MYSQLSERVERCONFIG2 113 sed -i '/hf.IntermediateCA:/a\ 114 - name: c\ 115 pass: d\ 116 type: client\ 117 affiliation: ""\ 118 maxenrollments: -1\ 119 attrs:\ 120 hf.Registrar.Roles: "client,user,peer,validator,auditor"\ 121 hf.Registrar.DelegateRoles: "client,user,validator,auditor"\ 122 hf.Revoker: true\ 123 hf.IntermediateCA: true ' $MYSQLSERVERCONFIG2 124 echo -e " org3:\n - department1" >> $MYSQLSERVERCONFIG2 125 126 # Clone the mysql configuration for postgres 127 cp $MYSQLSERVERCONFIG $PGSQLSERVERCONFIG 128 cp $MYSQLSERVERCONFIG2 $PGSQLSERVERCONFIG2 129 sed -i "s/type: mysql/type: postgres/ 130 s/datasource:.*/datasource: host=localhost port=$POSTGRES_PORT user=postgres password=postgres dbname=fabric_ca/" \ 131 $PGSQLSERVERCONFIG $PGSQLSERVERCONFIG2 132 } 133 134 $SCRIPTDIR/fabric-ca_setup.sh -R -x $FABRIC_CA_SERVER_HOME 135 genConfig 136 137 # MySQL Test 138 echo "############################ MySQL Test ############################" 139 140 # Test scenario where database and tables exist, plus an already bootstrapped user is present in the users table 141 # Fabric-ca should bootstap a newly added identity to the config to the user table 142 echo "############## Test 1 ##############" 143 echo "Test1: Database and tables exist, plus an already bootstrapped user is present in the users table" 144 echo "Test1: Fabric-ca should bootstap a newly added identity to the config to the user table" 145 echo "Creating '$DBNAME' MySQL database and tables before starting up server" 146 mysql --host=localhost --user=root --password=mysql -e "drop database $DBNAME;" -e "create database $DBNAME;" &> /dev/null 147 mysql --host=localhost --user=root --password=mysql --database=$DBNAME -e "CREATE TABLE users (id VARCHAR(64) NOT NULL, token blob, type VARCHAR(64), affiliation VARCHAR(64), attributes VARCHAR(256), state INTEGER, max_enrollments INTEGER, PRIMARY KEY (id)) DEFAULT CHARSET=utf8 COLLATE utf8_bin;" &> /dev/null 148 149 # Starting server first time with one bootstrap user 150 SERVERLOG="$FABRIC_CA_SERVER_HOME/serverlog.test1a.txt" 151 $SCRIPTDIR/fabric-ca_setup.sh -S -X -g $MYSQLSERVERCONFIG 2>&1 | tee $SERVERLOG & 152 pollLogForMsg "Listening on https*://0.0.0.0:$CA_DEFAULT_PORT" $SERVERLOG || ErrorExit "Failed to log CA startup message" 153 pid=$(pidof fabric-ca-server) 154 killserver $pid && rm $SERVERLOG || ErrorExit "Failed to stop CA" 155 # Starting server second time with a second bootstrap user 156 $SCRIPTDIR/fabric-ca_setup.sh -S -X -g $MYSQLSERVERCONFIG2 2>&1 | tee $SERVERLOG & 157 pollLogForMsg "Listening on https*://0.0.0.0:$CA_DEFAULT_PORT" $SERVERLOG || ErrorExit "Failed to log CA startup message" 158 pid=$(pidof fabric-ca-server) 159 killserver $pid || ErrorExit "Failed to stop CA" 160 161 existingIdentity "a" $SERVERLOG # Check to see that appropriate error message was seen for an already registered user 162 checkIdentity "c" $SERVERLOG # Check to see that a new identity properly got registered 163 existingAff "org1" $SERVERLOG 164 checkAff "org3.department1" $SERVERLOG 165 166 # Test scenario where database exists but tables do not exist 167 # Fabric-ca should create the tables and bootstrap 168 SERVERLOG="$FABRIC_CA_SERVER_HOME/serverlog.test2a.txt" 169 echo "############## Test 2 ##############" 170 echo "Test2: Database exist but tables do not exist" 171 echo "Test2: Fabric-ca should create the tables and bootstrap" 172 echo "Dropping and creating an empty '$DBNAME' database" 173 mysql --host=localhost --user=root --password=mysql -e "drop database fabric_ca;" -e "create database fabric_ca;" &> /dev/null 174 175 $SCRIPTDIR/fabric-ca_setup.sh -S -X -g $MYSQLSERVERCONFIG2 2>&1 | tee $SERVERLOG & 176 pollLogForMsg "Listening on https*://0.0.0.0:$CA_DEFAULT_PORT" $SERVERLOG || ErrorExit "Failed to log CA startup message" 177 pid=$(pidof fabric-ca-server) 178 killserver $pid || ErrorExit "Failed to stop CA" 179 checkIdentity "a" $SERVERLOG # Check to see that a new identity properly got registered 180 checkIdentity "c" $SERVERLOG # Check to see that a new identity properly got registered 181 182 # Test scenario where database does not exist 183 # Fabric-ca should create the database and tables, and bootstrap 184 SERVERLOG="$FABRIC_CA_SERVER_HOME/serverlog.test3a.txt" 185 echo "############## Test 3 ##############" 186 echo "Test3: Database does not exist" 187 echo "Test3: Fabric-ca should create the database and tables, and bootstrap" 188 echo "Dropping '$DBNAME' database" 189 mysql --host=localhost --user=root --password=mysql -e "drop database fabric_ca;" &> /dev/null 190 191 $SCRIPTDIR/fabric-ca_setup.sh -S -X -g $MYSQLSERVERCONFIG2 2>&1 | tee $SERVERLOG & 192 pollLogForMsg "Listening on https*://0.0.0.0:$CA_DEFAULT_PORT" $SERVERLOG || ErrorExit "Failed to log CA startup message" 193 pid=$(pidof fabric-ca-server) 194 killserver $pid || ErrorExit "Failed to stop CA" 195 196 checkIdentity "a" $SERVERLOG # Check to see that a new identity properly got registered 197 checkIdentity "c" $SERVERLOG # Check to see that a new identity properly got registered 198 199 cleanup 200 # PostgreSQL Test 201 echo "############################ PostgresSQL Test ############################" 202 203 # Test scenario where database and tables exist, plus an already bootstrapped user is present in the users table 204 # Fabric-ca should create the tables and bootstrap 205 echo "############## Test 1 ##############" 206 SERVERLOG="$FABRIC_CA_SERVER_HOME/serverlog.test1b.txt" 207 echo "Test1: Database and tables exist, plus an already bootstrapped user is present in the users table" 208 echo "Test1: Fabric-ca should bootstap a newly added identity to the config to the user table" 209 psql -c "drop database $DBNAME" 210 psql -c "create database $DBNAME" 211 psql -d fabric_ca -c "CREATE TABLE users (id VARCHAR(64), token bytea, type VARCHAR(64), affiliation VARCHAR(64), attributes VARCHAR(256), state INTEGER, max_enrollments INTEGER)" 212 213 # Starting server first time with one bootstrap user 214 $SCRIPTDIR/fabric-ca_setup.sh -S -X -g $PGSQLSERVERCONFIG 2>&1 | tee $SERVERLOG & 215 pollLogForMsg "Listening on https*://0.0.0.0:$CA_DEFAULT_PORT" $SERVERLOG || ErrorExit "Failed to log CA startup message" 216 pid=$(pidof fabric-ca-server) 217 killserver $pid && rm $SERVERLOG || ErrorExit "Failed to stop CA" 218 219 # Starting server second time with a second bootstrap user 220 $SCRIPTDIR/fabric-ca_setup.sh -S -X -g $PGSQLSERVERCONFIG2 2>&1 | tee $SERVERLOG & 221 pollLogForMsg "Listening on https*://0.0.0.0:$CA_DEFAULT_PORT" $SERVERLOG || ErrorExit "Failed to log CA startup message" 222 pid=$(pidof fabric-ca-server) 223 killserver $pid || ErrorExit "Failed to stop CA" 224 225 existingIdentity "a" $SERVERLOG # Check to see that appropriate error message was seen for an already registered user 226 checkIdentity "c" $SERVERLOG # Check to see that a new identity properly got registered 227 228 existingAff "org1" $SERVERLOG 229 checkAff "org3.department1" $SERVERLOG 230 231 # Test scenario where database exist but tables do not exist 232 # Fabric-ca should create the tables and bootstrap 233 SERVERLOG="$FABRIC_CA_SERVER_HOME/serverlog.test2b.txt" 234 echo "############## Test 2 ##############" 235 echo "Test2: Database exist but tables do not exist" 236 echo "Test2: Fabric-ca should create the tables and bootstrap" 237 psql -c "drop database $DBNAME" 238 psql -c "create database $DBNAME" 239 240 $SCRIPTDIR/fabric-ca_setup.sh -S -X -g $PGSQLSERVERCONFIG2 2>&1 | tee $SERVERLOG & 241 pollLogForMsg "Listening on https*://0.0.0.0:$CA_DEFAULT_PORT" $SERVERLOG || ErrorExit "Failed to log CA startup message" 242 pid=$(pidof fabric-ca-server) 243 killserver $pid || ErrorExit "Failed to stop CA" 244 245 checkIdentity "a" $SERVERLOG # Check to see that a new identity properly got registered 246 checkIdentity "c" $SERVERLOG # Check to see that a new identity properly got registered 247 248 # Test scenario where database does not exist 249 # Fabric-ca should create the database and tables, and bootstrap 250 SERVERLOG="$FABRIC_CA_SERVER_HOME/serverlog.test3b.txt" 251 echo "############## Test 3 ##############" 252 echo "Test3: Database does not exist" 253 echo "Test3: Fabric-ca should create the database and tables, and bootstrap" 254 psql -c "drop database $DBNAME" 255 256 $SCRIPTDIR/fabric-ca_setup.sh -S -X -g $PGSQLSERVERCONFIG2 2>&1 | tee $SERVERLOG & 257 sleep 6 # Need to allow for Postgres to complete database and table creation 258 pollLogForMsg "Listening on https*://0.0.0.0:$CA_DEFAULT_PORT" $SERVERLOG || ErrorExit "Failed to log CA startup message" 259 pid=$(pidof fabric-ca-server) 260 killserver $pid || ErrorExit "Failed to stop CA" 261 262 checkIdentity "a" $SERVERLOG # Check to see that a new identity properly got registered 263 checkIdentity "c" $SERVERLOG # Check to see that a new identity properly got registered 264 265 echo "############################ PostgresSQL Test with Client ############################" 266 267 kill -INT `head -1 /usr/local/pgsql/data/postmaster.pid` # Shutdown postgres server 268 pollPostgres "" "" "" stop 2>&1 # Wait for postgres to stop 269 270 # Start fabric-ca server connecting to postgres, this will fail 271 SERVERLOG="$FABRIC_CA_SERVER_HOME/serverlog.test1c.txt" 272 $SCRIPTDIR/fabric-ca_setup.sh -S -X -g $PGSQLSERVERCONFIG2 | tee $SERVERLOG 2>&1 & 273 pollLogForMsg "Listening on https*://0.0.0.0:$CA_DEFAULT_PORT" $SERVERLOG || ErrorExit "Failed to log CA startup message" 274 275 # Enroll with a server that does not have a DB initialized, should expect to get back error 276 enroll a b 2>&1 | grep "Failed to connect to Postgres database" 277 if [ $? != 0 ]; then 278 ErrorMsg "Enroll request should have failed due to uninitialized postgres database" 279 fi 280 281 # Start postgres server 282 su postgres -c 'postgres -D /usr/local/pgsql/data' & 283 pollPostgres # Wait for postgres to start 284 sleep 5 # Postgres port is available but sometimes get back 'pq: the database system is starting up' error. Putting in sleep to allow for start up to complete 285 286 # Enroll again, this time the server should try to reinitialize the DB before processing enroll request and this should succeed 287 enroll a b 2>&1 | grep "Stored client certificate" 288 if [ $? != 0 ]; then 289 ErrorMsg "Enroll request should have passed" 290 fi 291 292 $SCRIPTDIR/fabric-ca_setup.sh -K 293 294 echo "############################ MySQL Test with Client ############################" 295 296 /etc/init.d/mysql stop >/dev/null 2>&1 297 pollMySql "" "" "" stop # Wait for MySQL to stop 298 299 # Start fabric-ca server connecting to MySQL, this will fail 300 SERVERLOG="$FABRIC_CA_SERVER_HOME/serverlog.test2c.txt" 301 $SCRIPTDIR/fabric-ca_setup.sh -S -X -g $MYSQLSERVERCONFIG2 | tee $SERVERLOG 2>&1 & 302 pollLogForMsg "Listening on https*://0.0.0.0:$CA_DEFAULT_PORT" $SERVERLOG || ErrorExit "Failed to log CA startup message" 303 304 # Enroll with a server that does not have a DB initialized, should expect to get back error 305 enroll a b 2>&1 | grep "Failed to connect to MySQL database" 306 if [ $? != 0 ]; then 307 ErrorMsg "Enroll request should have failed due to uninitialized mysql database" 308 fi 309 310 # Start mysql server 311 /usr/bin/mysqld_safe --sql-mode=STRICT_TRANS_TABLES & 312 pollMySql # Wait for MySQL to start 313 314 # Enroll again, this time the server should try to reinitialize the DB before processing enroll request and this should succeed 315 enroll a b 2>&1 | grep "Stored client certificate" 316 if [ $? != 0 ]; then 317 ErrorMsg "Enroll request should have passed" 318 fi 319 320 $SCRIPTDIR/fabric-ca_setup.sh -R -x $FABRIC_CA_SERVER_HOME 321 322 CleanUp $RC 323 exit $RC