def ca_chart(opts, release, upgrade=False, verbose=False):
values_dir = opts['core']['dir_values']
repository = opts['core']['chart_repo']
ca_namespace = get_namespace(opts, ca=release)
# PostgreSQL (Upgrades here are dangerous, deactivated by default)
helm_install('stable',
'postgresql',
'{}-pg'.format(release),
ca_namespace,
config_yaml='{dir}/postgres-ca/{name}-pg.yaml'.format(
dir=values_dir, name=release),
verbose=verbose)
psql_secret = secret_read('{}-pg-postgresql'.format(release),
ca_namespace,
verbose=verbose)
# Different key depending of PostgreSQL version
psql_password = psql_secret.get(
'postgres-password') or psql_secret['postgresql-password']
env_vars = [('externalDatabase.password', psql_password)]
# Fabric CA
if not upgrade:
helm_install(repository,
'hlf-ca',
release,
ca_namespace,
config_yaml='{dir}/hlf-ca/{name}.yaml'.format(
dir=values_dir, name=release),
env_vars=env_vars,
verbose=verbose)
else:
# TODO: Remove this try/catch once all CAs are updated
try:
preserve = (HelmPreserve('{}-hlf-ca'.format(release), 'CA_ADMIN',
'adminUsername'),
HelmPreserve('{}-hlf-ca'.format(release),
'CA_PASSWORD', 'adminPassword'))
helm_upgrade(repository,
'hlf-ca',
release,
ca_namespace,
config_yaml='{dir}/hlf-ca/{name}.yaml'.format(
dir=values_dir, name=release),
env_vars=env_vars,
preserve=preserve,
verbose=verbose)
except:
preserve = (HelmPreserve('{}-hlf-ca--ca'.format(release),
'CA_ADMIN', 'adminUsername'),
HelmPreserve('{}-hlf-ca--ca'.format(release),
'CA_PASSWORD', 'adminPassword'))
helm_upgrade(repository,
'hlf-ca',
release,
ca_namespace,
config_yaml='{dir}/hlf-ca/{name}.yaml'.format(
dir=values_dir, name=release),
env_vars=env_vars,
preserve=preserve,
verbose=verbose)
def test_peer_upgrade(
self,
mock_check_peer,
mock_get_version,
mock_helm_check,
mock_helm_extra_vars,
mock_helm_install,
mock_helm_upgrade,
mock_get_peers,
):
OPTS = deepcopy(self.OPTS)
OPTS["msps"]["BetaMSP"]["peers"]["nodes"] = {"peer0": {}}
mock_get_version.side_effect = ["cdb-version", "peer-version"]
mock_get_peers.side_effect = [["peer0"]]
mock_helm_extra_vars.side_effect = [
"extra-vars-cdb-peer0", "extra-vars-peer0"
]
setup_peer(OPTS, upgrade=True)
mock_get_peers.assert_called_once_with(opts=OPTS, msp="BetaMSP")
mock_helm_extra_vars.assert_has_calls([
call(
version="cdb-version",
config_yaml="./a_dir/BetaMSP/hlf-couchdb/cdb-peer0.yaml",
preserve=(
HelmPreserve(
"peer-namespace",
"cdb-peer0-hlf-couchdb",
"COUCHDB_USERNAME",
"couchdbUsername",
),
HelmPreserve(
"peer-namespace",
"cdb-peer0-hlf-couchdb",
"COUCHDB_PASSWORD",
"couchdbPassword",
),
),
),
call(
version="peer-version",
config_yaml="./a_dir/BetaMSP/hlf-peer/peer0.yaml",
),
])
mock_helm_install.assert_not_called()
mock_helm_upgrade.assert_has_calls([
call(
"a-repo",
"hlf-couchdb",
"cdb-peer0",
extra_vars="extra-vars-cdb-peer0",
),
call("a-repo", "hlf-peer", "peer0", extra_vars="extra-vars-peer0"),
])
mock_helm_check.assert_has_calls([
call("hlf-couchdb", "cdb-peer0", "peer-namespace"),
call("hlf-peer", "peer0", "peer-namespace"),
])
mock_check_peer.assert_called_once_with("peer-namespace", "peer0")
def ca_chart(opts, release, upgrade=False):
"""Deploy CA Helm chart to K8S.
Args:
opts (dict): Nephos options dict.
release (str): Name of the Helm Chart release.
upgrade (bool): Do we upgrade the deployment? False by default.
"""
values_dir = opts["core"]["dir_values"]
repository = opts["core"]["chart_repo"]
ca_namespace = get_namespace(opts, ca=release)
# PostgreSQL (Upgrades here are dangerous, deactivated by default)
# Upgrading database is risky, so we disallow it by default
if not upgrade:
version = get_version(opts, "postgresql")
config_yaml = f"{values_dir}/postgres-ca/{release}-pg.yaml"
extra_vars = helm_extra_vars(version=version, config_yaml=config_yaml)
helm_install("stable",
"postgresql",
f"{release}-pg",
ca_namespace,
extra_vars=extra_vars)
helm_check("postgresql", f"{release}-pg", ca_namespace)
psql_secret = secret_read(f"{release}-pg-postgresql", ca_namespace)
# Different key depending of PostgreSQL version
psql_password = (psql_secret.get("postgres-password")
or psql_secret["postgresql-password"])
# Fabric CA
version = get_version(opts, "hlf-ca")
env_vars = [("externalDatabase.password", psql_password)]
config_yaml = f"{values_dir}/hlf-ca/{release}.yaml"
if not upgrade:
extra_vars = helm_extra_vars(version=version,
config_yaml=config_yaml,
env_vars=env_vars)
helm_install(repository,
"hlf-ca",
release,
ca_namespace,
extra_vars=extra_vars)
else:
preserve = (
HelmPreserve(ca_namespace, f"{release}-hlf-ca--ca", "CA_ADMIN",
"adminUsername"),
HelmPreserve(ca_namespace, f"{release}-hlf-ca--ca", "CA_PASSWORD",
"adminPassword"),
)
extra_vars = helm_extra_vars(
version=version,
config_yaml=config_yaml,
env_vars=env_vars,
preserve=preserve,
)
helm_upgrade(repository, "hlf-ca", release, extra_vars=extra_vars)
helm_check("hlf-ca", release, ca_namespace)
def deploy_composer(opts, upgrade=False, verbose=False):
"""Deploy Hyperledger Composer on K8S.
We use the hl-composer Helm chart as a basis to deploying Composer
on K8S. Please note that Composer is unmaintained and may eventually
be deprecated from this repository as we migrate to raw Fabric.
Args:
opts (dict): Nephos options dict.
upgrade (bool): Do we upgrade the deployment? False by default.
verbose (bool): Verbosity. False by default.
"""
peer_namespace = get_namespace(opts, opts["peers"]["msp"])
# Ensure BNA exists
secret_from_file(secret=opts["composer"]["secret_bna"],
namespace=peer_namespace,
verbose=verbose)
composer_connection(opts, verbose=verbose)
# Start Composer
version = get_version(opts, "hl-composer")
config_yaml = "{dir}/hl-composer/{release}.yaml".format(
dir=opts["core"]["dir_values"], release=opts["composer"]["name"])
if not upgrade:
extra_vars = helm_extra_vars(version=version, config_yaml=config_yaml)
helm_install(
opts["core"]["chart_repo"],
"hl-composer",
opts["composer"]["name"],
peer_namespace,
extra_vars=extra_vars,
verbose=verbose,
)
else:
preserve = (HelmPreserve(
peer_namespace,
"{}-hl-composer-rest".format(opts["composer"]["name"]),
"COMPOSER_APIKEY",
"rest.config.apiKey",
), )
extra_vars = helm_extra_vars(version=version,
config_yaml=config_yaml,
preserve=preserve)
helm_upgrade(
opts["core"]["chart_repo"],
"hl-composer",
opts["composer"]["name"],
extra_vars=extra_vars,
verbose=verbose,
)
helm_check("hl-composer",
opts["composer"]["name"],
peer_namespace,
pod_num=3)
def test_ca_chart_upgrade(
self,
mock_get_version,
mock_helm_check,
mock_helm_extra_vars,
mock_helm_install,
mock_helm_upgrade,
mock_secret_read,
):
mock_secret_read.side_effect = [{"postgresql-password": "******"}]
mock_get_version.side_effect = ["ca-version"]
mock_helm_extra_vars.side_effect = ["extra-vars-ca"]
ca_chart(self.OPTS, "a-release", upgrade=True)
mock_get_version.assert_has_calls([call(self.OPTS, "hlf-ca")])
mock_helm_extra_vars.assert_called_once_with(
version="ca-version",
config_yaml="./some_dir/hlf-ca/a-release.yaml",
env_vars=[("externalDatabase.password", "a_password")],
preserve=(
HelmPreserve("ca-namespace", "a-release-hlf-ca--ca",
"CA_ADMIN", "adminUsername"),
HelmPreserve(
"ca-namespace",
"a-release-hlf-ca--ca",
"CA_PASSWORD",
"adminPassword",
),
),
)
mock_helm_install.assert_not_called()
mock_helm_upgrade.assert_called_once_with("a_repo",
"hlf-ca",
"a-release",
extra_vars="extra-vars-ca",
verbose=False)
mock_secret_read.assert_called_once_with("a-release-pg-postgresql",
"ca-namespace",
verbose=False)
mock_helm_check.assert_has_calls(
[call("hlf-ca", "a-release", "ca-namespace")])
def test_peer_upgrade(self, mock_check_peer, mock_helm_install,
mock_helm_upgrade):
OPTS = deepcopy(self.OPTS)
OPTS["peers"]["names"] = ["peer0"]
setup_peer(OPTS, upgrade=True)
mock_helm_install.assert_not_called()
mock_helm_upgrade.assert_has_calls([
call(
"a-repo",
"hlf-couchdb",
"cdb-peer0",
"peer-namespace",
config_yaml="./a_dir/hlf-couchdb/cdb-peer0.yaml",
preserve=(
HelmPreserve(
"cdb-peer0-hlf-couchdb",
"COUCHDB_USERNAME",
"couchdbUsername",
),
HelmPreserve(
"cdb-peer0-hlf-couchdb",
"COUCHDB_PASSWORD",
"couchdbPassword",
),
),
verbose=False,
),
call(
"a-repo",
"hlf-peer",
"peer0",
"peer-namespace",
config_yaml="./a_dir/hlf-peer/peer0.yaml",
verbose=False,
),
])
mock_check_peer.assert_called_once_with("peer-namespace",
"peer0",
verbose=False)
def test_deploy_composer_upgrade(
self,
mock_composer_connection,
mock_get_version,
mock_helm_check,
mock_helm_extra_vars,
mock_helm_install,
mock_helm_upgrade,
mock_input_files,
mock_secret_create,
):
mock_get_version.side_effect = ["hlc-version"]
mock_helm_extra_vars.side_effect = ["extra-vars"]
mock_input_files.side_effect = [{"key": "data"}]
deploy_composer(self.OPTS, upgrade=True, verbose=True)
mock_input_files.assert_called_once_with((None, ), clean_key=True)
mock_secret_create.assert_called_once_with({"key": "data"},
"bna-secret",
"peer-namespace")
mock_composer_connection.assert_called_once_with(self.OPTS,
verbose=True)
mock_get_version.assert_has_calls([call(self.OPTS, "hl-composer")])
mock_helm_extra_vars.assert_called_once_with(
version="hlc-version",
config_yaml="./a_dir/hl-composer/hlc.yaml",
preserve=(HelmPreserve(
"peer-namespace",
"hlc-hl-composer-rest",
"COMPOSER_APIKEY",
"rest.config.apiKey",
), ),
)
mock_helm_install.assert_not_called()
mock_helm_upgrade.assert_called_once_with("a-repo",
"hl-composer",
"hlc",
extra_vars="extra-vars")
mock_helm_check.assert_called_once_with("hl-composer",
"hlc",
"peer-namespace",
pod_num=3)
def test_deploy_composer_upgrade(
self,
mock_composer_connection,
mock_helm_install,
mock_helm_upgrade,
mock_secret_from_file,
):
deploy_composer(self.OPTS, upgrade=True, verbose=True)
mock_secret_from_file.assert_called_once_with(
secret="bna-secret", namespace="peer-namespace", verbose=True)
mock_composer_connection.assert_called_once_with(self.OPTS,
verbose=True)
mock_helm_install.assert_not_called()
mock_helm_upgrade.assert_called_once_with(
"a-repo",
"hl-composer",
"hlc",
"peer-namespace",
pod_num=3,
config_yaml="./a_dir/hl-composer/hlc.yaml",
preserve=(HelmPreserve("hlc-hl-composer-rest", "COMPOSER_APIKEY",
"rest.config.apiKey"), ),
verbose=True,
)
def ca_chart(opts, release, upgrade=False, verbose=False):
"""Deploy CA Helm chart to K8S.
Args:
opts (dict): Nephos options dict.
release (str): Name of the Helm Chart release.
upgrade (bool): Do we upgrade the deployment? False by default.
verbose (bool): Verbosity. False by default.
"""
values_dir = opts["core"]["dir_values"]
repository = opts["core"]["chart_repo"]
ca_namespace = get_namespace(opts, ca=release)
# PostgreSQL (Upgrades here are dangerous, deactivated by default)
helm_install(
"stable",
"postgresql",
"{}-pg".format(release),
ca_namespace,
config_yaml="{dir}/postgres-ca/{name}-pg.yaml".format(dir=values_dir,
name=release),
verbose=verbose,
)
psql_secret = secret_read("{}-pg-postgresql".format(release),
ca_namespace,
verbose=verbose)
# Different key depending of PostgreSQL version
psql_password = (psql_secret.get("postgres-password")
or psql_secret["postgresql-password"])
env_vars = [("externalDatabase.password", psql_password)]
# Fabric CA
if not upgrade:
helm_install(
repository,
"hlf-ca",
release,
ca_namespace,
config_yaml="{dir}/hlf-ca/{name}.yaml".format(dir=values_dir,
name=release),
env_vars=env_vars,
verbose=verbose,
)
else:
# TODO: Remove this try/catch once all CAs are updated
try:
preserve = (
HelmPreserve("{}-hlf-ca".format(release), "CA_ADMIN",
"adminUsername"),
HelmPreserve("{}-hlf-ca".format(release), "CA_PASSWORD",
"adminPassword"),
)
helm_upgrade(
repository,
"hlf-ca",
release,
ca_namespace,
config_yaml="{dir}/hlf-ca/{name}.yaml".format(dir=values_dir,
name=release),
env_vars=env_vars,
preserve=preserve,
verbose=verbose,
)
except:
preserve = (
HelmPreserve("{}-hlf-ca--ca".format(release), "CA_ADMIN",
"adminUsername"),
HelmPreserve("{}-hlf-ca--ca".format(release), "CA_PASSWORD",
"adminPassword"),
)
helm_upgrade(
repository,
"hlf-ca",
release,
ca_namespace,
config_yaml="{dir}/hlf-ca/{name}.yaml".format(dir=values_dir,
name=release),
env_vars=env_vars,
preserve=preserve,
verbose=verbose,
)
def setup_peer(opts, upgrade=False):
"""Setup Peer on K8S.
Args:
opts (dict): Nephos options dict.
upgrade (bool): Do we upgrade the deployment? False by default.
"""
for msp in get_msps(opts=opts):
peer_namespace = get_namespace(opts, msp=msp)
for release in get_peers(opts=opts, msp=msp):
# Deploy the CouchDB instances
version = get_version(opts, "hlf-couchdb")
config_yaml = (
f'{opts["core"]["dir_values"]}/{msp}/hlf-couchdb/cdb-{release}.yaml'
)
if not upgrade:
extra_vars = helm_extra_vars(version=version,
config_yaml=config_yaml)
helm_install(
opts["core"]["chart_repo"],
"hlf-couchdb",
f"cdb-{release}",
peer_namespace,
extra_vars=extra_vars,
)
else:
preserve = (
HelmPreserve(
peer_namespace,
f"cdb-{release}-hlf-couchdb",
"COUCHDB_USERNAME",
"couchdbUsername",
),
HelmPreserve(
peer_namespace,
f"cdb-{release}-hlf-couchdb",
"COUCHDB_PASSWORD",
"couchdbPassword",
),
)
extra_vars = helm_extra_vars(version=version,
config_yaml=config_yaml,
preserve=preserve)
helm_upgrade(
opts["core"]["chart_repo"],
"hlf-couchdb",
f"cdb-{release}",
extra_vars=extra_vars,
)
helm_check("hlf-couchdb", f"cdb-{release}", peer_namespace)
# Deploy the HL-Peer charts
version = get_version(opts, "hlf-peer")
config_yaml = f"{opts['core']['dir_values']}/{msp}/hlf-peer/{release}.yaml"
extra_vars = helm_extra_vars(version=version,
config_yaml=config_yaml)
if not upgrade:
helm_install(
opts["core"]["chart_repo"],
"hlf-peer",
release,
peer_namespace,
extra_vars=extra_vars,
)
else:
helm_upgrade(
opts["core"]["chart_repo"],
"hlf-peer",
release,
extra_vars=extra_vars,
)
helm_check("hlf-peer", release, peer_namespace)
# Check that peer is running
check_peer(peer_namespace, release)
def setup_peer(opts, upgrade=False, verbose=False):
"""Setup Peer on K8S.
Args:
opts (dict): Nephos options dict.
upgrade (bool): Do we upgrade the deployment? False by default.
verbose (bool): Verbosity. False by default.
"""
peer_namespace = get_namespace(opts, opts["peers"]["msp"])
for release in opts["peers"]["names"]:
# Deploy the CouchDB instances
version = get_version(opts, "hlf-couchdb")
config_yaml = "{dir}/hlf-couchdb/cdb-{name}.yaml".format(
dir=opts["core"]["dir_values"], name=release)
if not upgrade:
extra_vars = helm_extra_vars(version=version,
config_yaml=config_yaml)
helm_install(
opts["core"]["chart_repo"],
"hlf-couchdb",
"cdb-{}".format(release),
peer_namespace,
extra_vars=extra_vars,
verbose=verbose,
)
else:
preserve = (
HelmPreserve(
peer_namespace,
"cdb-{}-hlf-couchdb".format(release),
"COUCHDB_USERNAME",
"couchdbUsername",
),
HelmPreserve(
peer_namespace,
"cdb-{}-hlf-couchdb".format(release),
"COUCHDB_PASSWORD",
"couchdbPassword",
),
)
extra_vars = helm_extra_vars(version=version,
config_yaml=config_yaml,
preserve=preserve)
helm_upgrade(
opts["core"]["chart_repo"],
"hlf-couchdb",
"cdb-{}".format(release),
extra_vars=extra_vars,
verbose=verbose,
)
helm_check("hlf-couchdb", "cdb-{}".format(release), peer_namespace)
# Deploy the HL-Peer charts
version = get_version(opts, "hlf-peer")
config_yaml = "{dir}/hlf-peer/{name}.yaml".format(
dir=opts["core"]["dir_values"], name=release)
extra_vars = helm_extra_vars(version=version, config_yaml=config_yaml)
if not upgrade:
helm_install(
opts["core"]["chart_repo"],
"hlf-peer",
release,
peer_namespace,
extra_vars=extra_vars,
verbose=verbose,
)
else:
helm_upgrade(
opts["core"]["chart_repo"],
"hlf-peer",
release,
extra_vars=extra_vars,
verbose=verbose,
)
helm_check("hlf-peer", release, peer_namespace)
# Check that peer is running
check_peer(peer_namespace, release, verbose=verbose)