def enroll_id(opts, ca, username, password):
"""Enroll an ID with a Fabric Certificate Authority
Args:
opts (dict): Nephos options dict.
ca (str): K8S release name of CA.
username (str): Username for identity.
password (str): Password for identity.
Returns:
str: Path of the MSP directory where cryptographic data is saved.
"""
dir_crypto = opts["core"]["dir_crypto"]
ca_namespace = get_namespace(opts, ca=ca)
ingress_urls = ingress_read(ca + "-hlf-ca", namespace=ca_namespace)
msp_dir = f"{username}_MSP"
msp_path = join(dir_crypto, msp_dir)
if not isdir(msp_path):
# Enroll
command = (
f'FABRIC_CA_CLIENT_HOME={dir_crypto} fabric-ca-client enroll ' +
f'-u https://{username}:{password}@{ingress_urls[0]} -M {join(dir_crypto, msp_dir)} '
+ f'--tls.certfiles {abspath(opts["cas"][ca]["tls_cert"])}')
execute_until_success(command)
return msp_path
def enroll_id(opts, ca, username, password, verbose=False):
"""Enroll an ID with a Fabric Certificate Authority
Args:
opts (dict): Nephos options dict.
ca (str): K8S release name of CA.
username (str): Username for identity.
password (str): Password for identity.
verbose (bool) Verbosity. False by default.
Returns:
str: Path of the MSP directory where cryptographic data is saved.
"""
dir_crypto = opts["core"]["dir_crypto"]
ca_namespace = get_namespace(opts, ca=ca)
ingress_urls = ingress_read(ca + "-hlf-ca",
namespace=ca_namespace,
verbose=verbose)
msp_dir = "{}_MSP".format(username)
msp_path = join(dir_crypto, msp_dir)
if not isdir(msp_path):
# Enroll
command = ("FABRIC_CA_CLIENT_HOME={dir} fabric-ca-client enroll " +
"-u https://{username}:{password}@{ingress} -M {msp_dir} " +
"--tls.certfiles {ca_server_tls}").format(
dir=dir_crypto,
username=username,
password=password,
ingress=ingress_urls[0],
msp_dir=join(dir_crypto, msp_dir),
ca_server_tls=abspath(opts["cas"][ca]["tls_cert"]),
)
execute_until_success(command)
return msp_path
def test_execute_verbose(self, mock_print, mock_execute):
mock_execute.side_effect = ['', '', '<h1>SomeWebsite</h1>']
execute_until_success('curl example.com', verbose=True, delay=0)
mock_print.assert_has_calls([call('.', end='', flush=True)] * 2 +
[call('<h1>SomeWebsite</h1>')])
mock_execute.assert_has_calls([call('curl example.com', show_command=True, show_errors=True, verbose=True)] +
[call('curl example.com', show_command=False, show_errors=False,
verbose=False)] * 2)
def test_execute(self, mock_log, mock_print, mock_execute):
mock_execute.side_effect = [
(None, "error"),
(None, "error"),
("<h1>SomeWebsite</h1>", None),
]
execute_until_success("curl example.com", delay=0)
mock_print.assert_has_calls([call(".", end="", flush=True)] * 2)
mock_log.info.assert_has_calls([call("<h1>SomeWebsite</h1>")])
mock_execute.assert_has_calls([call("curl example.com")] * 2)
def check_ca(ingress_host, cacert=None):
"""Check that the CA Ingress is responsive.
Args:
ingress_host (str): Ingress host for the CA.
cacert (str): Path of the CA cert.
"""
# Check that CA ingress is operational
command = f"curl https://{ingress_host}/cainfo"
if cacert:
command += f" --cacert {cacert}"
execute_until_success(command)
def check_ca(ingress_host, cacert=None, verbose=False):
"""Check that the CA Ingress is responsive.
Args:
ingress_host (str): Ingress host for the CA.
cacert (str): Path of the CA cert.
verbose (bool): Verbosity. False by default.
"""
# Check that CA ingress is operational
command = "curl https://{ingress}/cainfo".format(ingress=ingress_host)
if cacert:
command += " --cacert {}".format(cacert)
execute_until_success(command, verbose=verbose)
def enroll_node(opts, ca, username, password, verbose=False):
dir_config = opts['core']['dir_config']
ca_namespace = get_namespace(opts, ca=ca)
ingress_urls = ingress_read(ca + '-hlf-ca',
namespace=ca_namespace,
verbose=verbose)
msp_dir = '{}_MSP'.format(username)
msp_path = path.join(dir_config, msp_dir)
if not path.isdir(msp_path):
# Enroll
command = ('FABRIC_CA_CLIENT_HOME={dir} fabric-ca-client enroll ' +
'-u https://{username}:{password}@{ingress} -M {msp_dir} ' +
'--tls.certfiles {ca_server_tls}').format(
dir=dir_config,
username=username,
password=password,
ingress=ingress_urls[0],
msp_dir=msp_dir,
ca_server_tls=path.abspath(opts['cas'][ca]['tls_cert']))
execute_until_success(command)
return msp_path
def test_execute(self, mock_print, mock_execute):
mock_execute.side_effect = [
(None, "error"),
(None, "error"),
("<h1>SomeWebsite</h1>", None),
]
execute_until_success("curl example.com", delay=0)
mock_print.assert_has_calls([call(".", end="", flush=True)] * 2)
mock_execute.assert_has_calls([
call(
"curl example.com",
show_command=True,
show_errors=True,
verbose=False,
)
] + [
call(
"curl example.com",
show_command=False,
show_errors=False,
verbose=False,
)
] * 2)
def check_ca(ingress_host, verbose=False):
# Check that CA ingress is operational
command = 'curl https://{ingress}/cainfo'.format(ingress=ingress_host)
execute_until_success(command, verbose=verbose)