github.com/extrame/fabric-ca@v2.0.0-alpha+incompatible/scripts/fvt/db_test.sh (about) 1 #!/bin/bash 2 # 3 # Copyright IBM Corp. All Rights Reserved. 4 # 5 # SPDX-License-Identifier: Apache-2.0 6 # 7 8 : ${TESTCASE:="db_resiliency"} 9 FABRIC_CA="$GOPATH/src/github.com/hyperledger/fabric-ca" 10 FABRIC_CAEXEC="$FABRIC_CA/bin/fabric-ca" 11 TESTDATA="$FABRIC_CA/testdata" 12 SCRIPTDIR="$FABRIC_CA/scripts/fvt" 13 . $SCRIPTDIR/fabric-ca_utils 14 HOST="http://localhost:$PROXY_PORT" 15 RC=0 16 17 export FABRIC_CA_SERVER_HOME="/tmp/$TESTCASE" 18 export CA_CFG_PATH="/tmp/$TESTCASE" 19 20 MYSQLSERVERCONFIG="$FABRIC_CA_SERVER_HOME/mysqlserverconfig.yaml" 21 MYSQLSERVERCONFIG2="$FABRIC_CA_SERVER_HOME/mysqlserverconfig2.yaml" 22 PGSQLSERVERCONFIG="$FABRIC_CA_SERVER_HOME/pgsqlserverconfig.yaml" 23 PGSQLSERVERCONFIG2="$FABRIC_CA_SERVER_HOME/pgsqlserverconfig2.yaml" 24 MSP="$FABRIC_CA_SERVER_HOME/msp" 25 SERVERCERT="$FABRIC_CA_SERVER_HOME/fabric-ca-cert.pem" 26 DBNAME="fabric_ca" 27 28 function cleanup { 29 rm $SERVERCERT 30 rm -rf $MSP 31 rm $SERVERLOG 32 } 33 34 function existingIdentity { 35 grep "Identity '$1' already registered, loaded identity" $2 &> /dev/null 36 if [ $? != 0 ]; then 37 ErrorMsg "Should have thrown an error inserting an already registered user" 38 else 39 echo -e "\t Test - Already registered identity message encountered: passed" 40 fi 41 } 42 43 function checkIdentity { 44 grep "Successfully added identity $1 to the database" $2 &> /dev/null 45 if [ $? != 0 ]; then 46 ErrorMsg "Identity should not already exist in database, and should have gotten added" 47 else 48 echo -e "\t Test - New identity added: passed" 49 fi 50 } 51 52 function existingAff { 53 grep "Affiliation '$1' already exists" $2 &> /dev/null 54 if [ $? != 0 ]; then 55 ErrorMsg "Should have thrown an error inserting an already existing affiliation" 56 else 57 echo -e "\t Test - Already existing affiliation message encountered: passed" 58 fi 59 } 60 61 function checkAff { 62 grep "Affiliation '$1' added" $2 &> /dev/null 63 if [ $? != 0 ]; then 64 ErrorMsg "Affiliation should not already exist in database, and should have gotten added" 65 else 66 echo -e "\t Test - New affiliation added: passed" 67 fi 68 } 69 70 function genConfig { 71 postgresTls='sslmode=disable' 72 case "$FABRIC_TLS" in 73 true) postgresTls='sslmode=require'; mysqlTls='?tls=custom' ;; 74 esac 75 76 mkdir -p $FABRIC_CA_SERVER_HOME 77 # Create base configuration using mysql 78 cat > $MYSQLSERVERCONFIG <<EOF 79 debug: true 80 81 db: 82 type: mysql 83 datasource: root:mysql@tcp(localhost:$MYSQL_PORT)/fabric_ca$mysqlTls 84 tls: 85 enabled: $FABRIC_TLS 86 certfiles: 87 - $TLS_ROOTCERT 88 client: 89 certfile: $TLS_CLIENTCERT 90 keyfile: $TLS_CLIENTKEY 91 92 tls: 93 enabled: $FABRIC_TLS 94 certfile: $TLS_SERVERCERT 95 keyfile: $TLS_SERVERKEY 96 97 registry: 98 # Maximum number of times a password/secret can be reused for enrollment 99 # (default: -1, which means there is no limit) 100 maxenrollments: -1 101 102 # Contains identity information which is used when LDAP is disabled 103 identities: 104 - name: a 105 pass: b 106 type: client 107 affiliation: "" 108 maxenrollments: -1 109 attrs: 110 hf.Registrar.Roles: "client,user,peer,validator,auditor" 111 hf.Registrar.DelegateRoles: "client,user,validator,auditor" 112 hf.Revoker: true 113 hf.IntermediateCA: true 114 115 affiliations: 116 org1: 117 - department1 118 - department2 119 org2: 120 - department1 121 EOF 122 123 # mysql configuration with two bootstrap users 124 cp $MYSQLSERVERCONFIG $MYSQLSERVERCONFIG2 125 sed -i '/hf.IntermediateCA:/a\ 126 - name: c\ 127 pass: d\ 128 type: client\ 129 affiliation: ""\ 130 maxenrollments: -1\ 131 attrs:\ 132 hf.Registrar.Roles: "client,user,peer,validator,auditor"\ 133 hf.Registrar.DelegateRoles: "client,user,validator,auditor"\ 134 hf.Revoker: true\ 135 hf.IntermediateCA: true ' $MYSQLSERVERCONFIG2 136 echo -e " org3:\n - department1" >> $MYSQLSERVERCONFIG2 137 138 # Clone the mysql configuration for postgres 139 cp $MYSQLSERVERCONFIG $PGSQLSERVERCONFIG 140 cp $MYSQLSERVERCONFIG2 $PGSQLSERVERCONFIG2 141 sed -i "s/type: mysql/type: postgres/ 142 s/datasource:.*/datasource: host=localhost port=$POSTGRES_PORT user=postgres password=postgres dbname=fabric_ca $postgresTls/" \ 143 $PGSQLSERVERCONFIG $PGSQLSERVERCONFIG2 144 } 145 146 $SCRIPTDIR/fabric-ca_setup.sh -R -x $FABRIC_CA_SERVER_HOME 147 genConfig 148 149 # MySQL Test 150 echo "############################ MySQL Test ############################" 151 152 # Test scenario where database and tables exist, plus an already bootstrapped user is present in the users table 153 # Fabric-ca should bootstap a newly added identity to the config to the user table 154 echo "############## Test 1 ##############" 155 echo "Test1: Database and tables exist, plus an already bootstrapped user is present in the users table" 156 echo "Test1: Fabric-ca should bootstap a newly added identity to the config to the user table" 157 echo "Creating '$DBNAME' MySQL database and tables before starting up server" 158 mysql --host=localhost --user=root --password=mysql -e "drop database $DBNAME;" -e "create database $DBNAME;" &> /dev/null 159 mysql --host=localhost --user=root --password=mysql --database=$DBNAME -e "CREATE TABLE users (id VARCHAR(64) NOT NULL, token blob, type VARCHAR(64), affiliation VARCHAR(64), attributes VARCHAR(256), state INTEGER, max_enrollments INTEGER, PRIMARY KEY (id)) DEFAULT CHARSET=utf8 COLLATE utf8_bin;" &> /dev/null 160 161 # Starting server first time with one bootstrap user 162 SERVERLOG="$FABRIC_CA_SERVER_HOME/serverlog.test1a.txt" 163 $SCRIPTDIR/fabric-ca_setup.sh -S -X -g $MYSQLSERVERCONFIG 2>&1 | tee $SERVERLOG & 164 pollLogForMsg "Listening on https*://0.0.0.0:$CA_DEFAULT_PORT" $SERVERLOG || ErrorExit "Failed to log CA startup message" 165 pid=$(pidof fabric-ca-server) 166 killserver $pid && rm $SERVERLOG || ErrorExit "Failed to stop CA" 167 # Starting server second time with a second bootstrap user 168 $SCRIPTDIR/fabric-ca_setup.sh -S -X -g $MYSQLSERVERCONFIG2 2>&1 | tee $SERVERLOG & 169 pollLogForMsg "Listening on https*://0.0.0.0:$CA_DEFAULT_PORT" $SERVERLOG || ErrorExit "Failed to log CA startup message" 170 pid=$(pidof fabric-ca-server) 171 killserver $pid || ErrorExit "Failed to stop CA" 172 173 existingIdentity "a" $SERVERLOG # Check to see that appropriate error message was seen for an already registered user 174 checkIdentity "c" $SERVERLOG # Check to see that a new identity properly got registered 175 existingAff "org1" $SERVERLOG 176 checkAff "org3.department1" $SERVERLOG 177 178 # Test scenario where database exists but tables do not exist 179 # Fabric-ca should create the tables and bootstrap 180 SERVERLOG="$FABRIC_CA_SERVER_HOME/serverlog.test2a.txt" 181 echo "############## Test 2 ##############" 182 echo "Test2: Database exist but tables do not exist" 183 echo "Test2: Fabric-ca should create the tables and bootstrap" 184 echo "Dropping and creating an empty '$DBNAME' database" 185 mysql --host=localhost --user=root --password=mysql -e "drop database fabric_ca;" -e "create database fabric_ca;" &> /dev/null 186 187 $SCRIPTDIR/fabric-ca_setup.sh -S -X -g $MYSQLSERVERCONFIG2 2>&1 | tee $SERVERLOG & 188 pollLogForMsg "Listening on https*://0.0.0.0:$CA_DEFAULT_PORT" $SERVERLOG || ErrorExit "Failed to log CA startup message" 189 pid=$(pidof fabric-ca-server) 190 killserver $pid || ErrorExit "Failed to stop CA" 191 checkIdentity "a" $SERVERLOG # Check to see that a new identity properly got registered 192 checkIdentity "c" $SERVERLOG # Check to see that a new identity properly got registered 193 194 # Test scenario where database does not exist 195 # Fabric-ca should create the database and tables, and bootstrap 196 SERVERLOG="$FABRIC_CA_SERVER_HOME/serverlog.test3a.txt" 197 echo "############## Test 3 ##############" 198 echo "Test3: Database does not exist" 199 echo "Test3: Fabric-ca should create the database and tables, and bootstrap" 200 echo "Dropping '$DBNAME' database" 201 mysql --host=localhost --user=root --password=mysql -e "drop database fabric_ca;" &> /dev/null 202 203 $SCRIPTDIR/fabric-ca_setup.sh -S -X -g $MYSQLSERVERCONFIG2 2>&1 | tee $SERVERLOG & 204 pollLogForMsg "Listening on https*://0.0.0.0:$CA_DEFAULT_PORT" $SERVERLOG || ErrorExit "Failed to log CA startup message" 205 pid=$(pidof fabric-ca-server) 206 killserver $pid || ErrorExit "Failed to stop CA" 207 208 checkIdentity "a" $SERVERLOG # Check to see that a new identity properly got registered 209 checkIdentity "c" $SERVERLOG # Check to see that a new identity properly got registered 210 211 cleanup 212 # PostgreSQL Test 213 echo "############################ PostgresSQL Test ############################" 214 215 # Test scenario where database and tables exist, plus an already bootstrapped user is present in the users table 216 # Fabric-ca should create the tables and bootstrap 217 echo "############## Test 1 ##############" 218 SERVERLOG="$FABRIC_CA_SERVER_HOME/serverlog.test1b.txt" 219 echo "Test1: Database and tables exist, plus an already bootstrapped user is present in the users table" 220 echo "Test1: Fabric-ca should bootstap a newly added identity to the config to the user table" 221 psql -c "drop database $DBNAME" 222 psql -c "create database $DBNAME" 223 psql -d fabric_ca -c "CREATE TABLE users (id VARCHAR(64), token bytea, type VARCHAR(64), affiliation VARCHAR(64), attributes VARCHAR(256), state INTEGER, max_enrollments INTEGER)" 224 225 # Starting server first time with one bootstrap user 226 $SCRIPTDIR/fabric-ca_setup.sh -S -X -g $PGSQLSERVERCONFIG 2>&1 | tee $SERVERLOG & 227 pollLogForMsg "Listening on https*://0.0.0.0:$CA_DEFAULT_PORT" $SERVERLOG || ErrorExit "Failed to log CA startup message" 228 pid=$(pidof fabric-ca-server) 229 killserver $pid && rm $SERVERLOG || ErrorExit "Failed to stop CA" 230 231 # Starting server second time with a second bootstrap user 232 $SCRIPTDIR/fabric-ca_setup.sh -S -X -g $PGSQLSERVERCONFIG2 2>&1 | tee $SERVERLOG & 233 pollLogForMsg "Listening on https*://0.0.0.0:$CA_DEFAULT_PORT" $SERVERLOG || ErrorExit "Failed to log CA startup message" 234 pid=$(pidof fabric-ca-server) 235 killserver $pid || ErrorExit "Failed to stop CA" 236 237 existingIdentity "a" $SERVERLOG # Check to see that appropriate error message was seen for an already registered user 238 checkIdentity "c" $SERVERLOG # Check to see that a new identity properly got registered 239 240 existingAff "org1" $SERVERLOG 241 checkAff "org3.department1" $SERVERLOG 242 243 # Test scenario where database exist but tables do not exist 244 # Fabric-ca should create the tables and bootstrap 245 SERVERLOG="$FABRIC_CA_SERVER_HOME/serverlog.test2b.txt" 246 echo "############## Test 2 ##############" 247 echo "Test2: Database exist but tables do not exist" 248 echo "Test2: Fabric-ca should create the tables and bootstrap" 249 psql -c "drop database $DBNAME" 250 psql -c "create database $DBNAME" 251 252 $SCRIPTDIR/fabric-ca_setup.sh -S -X -g $PGSQLSERVERCONFIG2 2>&1 | tee $SERVERLOG & 253 pollLogForMsg "Listening on https*://0.0.0.0:$CA_DEFAULT_PORT" $SERVERLOG || ErrorExit "Failed to log CA startup message" 254 pid=$(pidof fabric-ca-server) 255 killserver $pid || ErrorExit "Failed to stop CA" 256 257 checkIdentity "a" $SERVERLOG # Check to see that a new identity properly got registered 258 checkIdentity "c" $SERVERLOG # Check to see that a new identity properly got registered 259 260 # Test scenario where database does not exist 261 # Fabric-ca should create the database and tables, and bootstrap 262 SERVERLOG="$FABRIC_CA_SERVER_HOME/serverlog.test3b.txt" 263 echo "############## Test 3 ##############" 264 echo "Test3: Database does not exist" 265 echo "Test3: Fabric-ca should create the database and tables, and bootstrap" 266 psql -c "drop database $DBNAME" 267 268 $SCRIPTDIR/fabric-ca_setup.sh -S -X -g $PGSQLSERVERCONFIG2 2>&1 | tee $SERVERLOG & 269 sleep 6 # Need to allow for Postgres to complete database and table creation 270 pollLogForMsg "Listening on https*://0.0.0.0:$CA_DEFAULT_PORT" $SERVERLOG || ErrorExit "Failed to log CA startup message" 271 pid=$(pidof fabric-ca-server) 272 killserver $pid || ErrorExit "Failed to stop CA" 273 274 checkIdentity "a" $SERVERLOG # Check to see that a new identity properly got registered 275 checkIdentity "c" $SERVERLOG # Check to see that a new identity properly got registered 276 277 echo "############################ PostgresSQL Test with Client ############################" 278 279 kill -INT `head -1 /usr/local/pgsql/data/postmaster.pid` # Shutdown postgres server 280 pollPostgres "" "" "" stop 2>&1 # Wait for postgres to stop 281 282 # Start fabric-ca server connecting to postgres, this will fail 283 SERVERLOG="$FABRIC_CA_SERVER_HOME/serverlog.test1c.txt" 284 $SCRIPTDIR/fabric-ca_setup.sh -S -X -g $PGSQLSERVERCONFIG2 | tee $SERVERLOG 2>&1 & 285 pollLogForMsg "Listening on https*://0.0.0.0:$CA_DEFAULT_PORT" $SERVERLOG || ErrorExit "Failed to log CA startup message" 286 287 # Enroll with a server that does not have a DB initialized, should expect to get back error 288 enroll a b 2>&1 | grep "Failed to connect to Postgres database" 289 if [ $? != 0 ]; then 290 ErrorMsg "Enroll request should have failed due to uninitialized postgres database" 291 fi 292 293 # Start postgres server 294 su postgres -c 'postgres -D /usr/local/pgsql/data' & 295 pollPostgres # Wait for postgres to start 296 sleep 5 # Postgres port is available but sometimes get back 'pq: the database system is starting up' error. Putting in sleep to allow for start up to complete 297 298 # Enroll again, this time the server should try to reinitialize the DB before processing enroll request and this should succeed 299 enroll a b 2>&1 | grep "Stored client certificate" 300 if [ $? != 0 ]; then 301 ErrorMsg "Enroll request should have passed" 302 fi 303 304 $SCRIPTDIR/fabric-ca_setup.sh -K 305 306 echo "############################ MySQL Test with Client ############################" 307 308 /etc/init.d/mysql stop >/dev/null 2>&1 309 pollMySql "" "" "" stop # Wait for MySQL to stop 310 311 # Start fabric-ca server connecting to MySQL, this will fail 312 SERVERLOG="$FABRIC_CA_SERVER_HOME/serverlog.test2c.txt" 313 $SCRIPTDIR/fabric-ca_setup.sh -S -X -g $MYSQLSERVERCONFIG2 | tee $SERVERLOG 2>&1 & 314 pollLogForMsg "Listening on https*://0.0.0.0:$CA_DEFAULT_PORT" $SERVERLOG || ErrorExit "Failed to log CA startup message" 315 316 # Enroll with a server that does not have a DB initialized, should expect to get back error 317 enroll a b 2>&1 | grep "Failed to connect to MySQL database" 318 if [ $? != 0 ]; then 319 ErrorMsg "Enroll request should have failed due to uninitialized mysql database" 320 fi 321 322 # Start mysql server 323 /usr/bin/mysqld_safe --sql-mode=STRICT_TRANS_TABLES & 324 pollMySql # Wait for MySQL to start 325 326 # Enroll again, this time the server should try to reinitialize the DB before processing enroll request and this should succeed 327 enroll a b 2>&1 | grep "Stored client certificate" 328 if [ $? != 0 ]; then 329 ErrorMsg "Enroll request should have passed" 330 fi 331 332 $SCRIPTDIR/fabric-ca_setup.sh -R -x $FABRIC_CA_SERVER_HOME 333 334 CleanUp $RC 335 exit $RC