def test_credentials_secret_again(self, mock_rand_string,
mock_secret_create, mock_secret_read):
mock_secret_read.side_effect = [self.SECRET_DATA]
credentials_secret("a-secret", "a-namespace", "a-user", "a-password")
mock_secret_read.assert_called_once_with("a-secret", "a-namespace")
mock_rand_string.assert_not_called()
mock_secret_create.assert_not_called()
def test_credentials_secret_baduser(self, mock_rand_string,
mock_secret_create, mock_secret_read):
mock_secret_read.side_effect = [self.SECRET_DATA]
with pytest.raises(AssertionError):
credentials_secret("a-secret", "a-namespace", "another-user",
"a-password")
mock_secret_read.assert_called_once_with("a-secret", "a-namespace")
mock_rand_string.assert_not_called()
mock_secret_create.assert_not_called()
def test_credentials_secret(self, mock_rand_string, mock_secret_create,
mock_secret_read):
mock_secret_read.side_effect = [ApiException]
mock_rand_string.side_effect = ["a-password"]
credentials_secret("a-secret", "a-namespace", "a-user")
mock_secret_read.assert_called_once_with("a-secret", "a-namespace")
mock_rand_string.assert_called_once_with(24)
mock_secret_create.assert_called_once_with(self.SECRET_DATA,
"a-secret", "a-namespace")
def test_credentials_secret_again(self, mock_rand_string,
mock_secret_create, mock_secret_read):
mock_secret_read.side_effect = [self.SECRET_DATA]
credentials_secret('a-secret', 'a-namespace', 'a-user', 'a-password')
mock_secret_read.assert_called_once_with('a-secret',
'a-namespace',
verbose=False)
mock_rand_string.assert_not_called()
mock_secret_create.assert_not_called()
def test_credentials_secret_baduser(self, mock_rand_string,
mock_secret_create, mock_secret_read):
mock_secret_read.side_effect = [self.SECRET_DATA]
with pytest.raises(AssertionError):
credentials_secret('a-secret', 'a-namespace', 'another-user',
'a-password')
mock_secret_read.assert_called_once_with('a-secret',
'a-namespace',
verbose=False)
mock_rand_string.assert_not_called()
mock_secret_create.assert_not_called()
def test_credentials_secret(self, mock_rand_string, mock_secret_create,
mock_secret_read):
mock_secret_read.side_effect = [ApiException]
mock_rand_string.side_effect = ['a-password']
credentials_secret('a-secret', 'a-namespace', 'a-user')
mock_secret_read.assert_called_once_with('a-secret',
'a-namespace',
verbose=False)
mock_rand_string.assert_called_once_with(24)
mock_secret_create.assert_called_once_with(self.SECRET_DATA,
'a-secret', 'a-namespace')
def setup_nodes(opts, node_type, verbose=False):
nodes = opts[node_type + 's']
msp_values = opts['msps'][nodes['msp']]
node_namespace = get_namespace(opts, nodes['msp'])
ca_namespace = get_namespace(opts, ca=opts['msps'][nodes['msp']]['ca'])
for release in nodes['names']:
# Create secret with Orderer credentials
secret_name = 'hlf--{}-cred'.format(release)
secret_data = credentials_secret(secret_name,
node_namespace,
username=release,
verbose=verbose)
# Register node
register_node(ca_namespace,
msp_values['ca'],
node_type,
secret_data['CA_USERNAME'],
secret_data['CA_PASSWORD'],
verbose=verbose)
# Enroll node
msp_path = enroll_node(opts,
msp_values['ca'],
secret_data['CA_USERNAME'],
secret_data['CA_PASSWORD'],
verbose=verbose)
# Secrets
id_to_secrets(namespace=node_namespace,
msp_path=msp_path,
user=release,
verbose=verbose)
def setup_id(opts, msp_name, release, id_type, verbose=False):
"""Setup single ID by registering, enrolling, and saving ID to K8S secrets.
Args:
opts (dict): Nephos options dict.
msp_name (str): Name of Membership Service Provider.
release (str): Name of release/node.
id_type (str): Type of ID we use.
verbose (bool) Verbosity. False by default.
"""
msp_values = opts["msps"][msp_name]
node_namespace = get_namespace(opts, msp_name)
if opts["cas"]:
ca_namespace = get_namespace(opts, ca=opts["msps"][msp_name]["ca"])
# Create secret with Orderer credentials
secret_name = "hlf--{}-cred".format(release)
secret_data = credentials_secret(
secret_name, node_namespace, username=release, verbose=verbose
)
# Register node
register_id(
ca_namespace,
msp_values["ca"],
secret_data["CA_USERNAME"],
secret_data["CA_PASSWORD"],
id_type,
verbose=verbose,
)
# Enroll node
msp_path = enroll_id(
opts,
msp_values["ca"],
secret_data["CA_USERNAME"],
secret_data["CA_PASSWORD"],
verbose=verbose,
)
else:
# Otherwise we are using Cryptogen
glob_target = "{dir_crypto}/crypto-config/{node_type}Organizations/{ns}*/{node_type}s/{node_name}*/msp".format(
dir_crypto=opts["core"]["dir_crypto"],
node_type=id_type,
node_name=release,
ns=node_namespace,
)
msp_path_list = glob(glob_target)
if len(msp_path_list) == 1:
msp_path = msp_path_list[0]
else:
raise ValueError(
"MSP path list length is {} - {}".format(
len(msp_path_list), msp_path_list
)
)
# Secrets
id_to_secrets(
namespace=node_namespace, msp_path=msp_path, username=release, verbose=verbose
)
def admin_creds(opts, msp_name, verbose=False):
msp_namespace = get_namespace(opts, msp=msp_name)
msp_values = opts['msps'][msp_name]
admin_cred_secret = 'hlf--{}-admincred'.format(msp_values['org_admin'])
secret_data = credentials_secret(admin_cred_secret,
msp_namespace,
username=msp_values['org_admin'],
password=msp_values.get('org_adminpw'),
verbose=verbose)
msp_values['org_adminpw'] = secret_data['CA_PASSWORD']
def setup_id(opts, msp_name, release, id_type):
"""Setup single ID by registering, enrolling, and saving ID to K8S secrets.
Args:
opts (dict): Nephos options dict.
msp_name (str): Name of Membership Service Provider.
release (str): Name of release/node.
id_type (str): Type of ID we use.
"""
msp_values = opts["msps"][msp_name]
node_namespace = get_namespace(opts, msp_name)
if opts["cas"]:
ca_namespace = get_namespace(opts, ca=opts["msps"][msp_name]["ca"])
# Create secret with Orderer credentials
secret_name = f"hlf--{release}-cred"
secret_data = credentials_secret(secret_name,
node_namespace,
username=release)
# Register node
register_id(
ca_namespace,
msp_values["ca"],
secret_data["CA_USERNAME"],
secret_data["CA_PASSWORD"],
id_type,
)
# Enroll node
msp_path = enroll_id(
opts,
msp_values["ca"],
secret_data["CA_USERNAME"],
secret_data["CA_PASSWORD"],
)
else:
# Otherwise we are using Cryptogen
glob_target = f"{opts['core']['dir_crypto']}/crypto-config/{id_type}Organizations/{node_namespace}*/{id_type}s/{release}*/msp"
msp_path_list = glob(glob_target)
if len(msp_path_list) == 1:
msp_path = msp_path_list[0]
else:
raise ValueError(
f"MSP path list length is {msp_path_list} - {msp_path_list}")
# Secrets
id_to_secrets(namespace=node_namespace,
msp_path=msp_path,
username=release)
def admin_creds(opts, msp_name):
"""Get admin credentials and save them to Nephos options dict.
Args:
opts (dict): Nephos options dict.
msp_name (str): Name of Membership Service Provider.
"""
msp_namespace = get_namespace(opts, msp=msp_name)
msp_values = opts["msps"][msp_name]
admin_cred_secret = f"hlf--{msp_values['org_admin']}-admincred"
secret_data = credentials_secret(
admin_cred_secret,
msp_namespace,
username=msp_values["org_admin"],
password=msp_values.get("org_adminpw"),
)
msp_values["org_adminpw"] = secret_data["CA_PASSWORD"]
def admin_creds(opts, msp_name, verbose=False):
"""Get admin credentials and save them to Nephos options dict.
Args:
opts (dict): Nephos options dict.
msp_name (str): Name of Membership Service Provider.
verbose (bool) Verbosity. False by default.
"""
msp_namespace = get_namespace(opts, msp=msp_name)
msp_values = opts["msps"][msp_name]
admin_cred_secret = "hlf--{}-admincred".format(msp_values["org_admin"])
secret_data = credentials_secret(
admin_cred_secret,
msp_namespace,
username=msp_values["org_admin"],
password=msp_values.get("org_adminpw"),
verbose=verbose,
)
msp_values["org_adminpw"] = secret_data["CA_PASSWORD"]
