Merge branch 'main' into fab-v2-5

.github/workflows/test-on-push.yml

@@ -40,60 +40,60 @@ jobs:
       - name: Lint
         run: npm run lint && ./lint.sh
 
-  test-k8:
-    needs: test-main
-    runs-on: ubuntu-latest
-    timeout-minutes: 30
-    steps:
-
-      - name: Check out repository code
-        uses: actions/checkout@v2
-
-      - name: install k8, hlf plugin and helm
-        run: |
-          curl -Lo ./kind https://kind.sigs.k8s.io/dl/v0.14.0/kind-linux-amd64
-          chmod +x ./kind
-          sudo mv ./kind /usr/local/bin/kind
-          kind create cluster --wait 5m
-          curl -fsSL -o get_helm.sh https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3
-          chmod 700 get_helm.sh
-          ./get_helm.sh
-          curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl"
-          chmod +x kubectl
-          sudo mv ./kubectl /usr/local/bin/kubectl
-          set -x; cd "$(mktemp -d)" &&
-          OS="$(uname | tr '[:upper:]' '[:lower:]')" &&
-          ARCH="$(uname -m | sed -e 's/x86_64/amd64/' -e 's/\(arm\)\(64\)\?.*/\1\2/' -e 's/aarch64$/arm64/')" &&
-          KREW="krew-${OS}_${ARCH}" &&
-          curl -fsSLO "https://github.com/kubernetes-sigs/krew/releases/latest/download/${KREW}.tar.gz" &&
-          tar zxvf "${KREW}.tar.gz" &&
-          ./"${KREW}" install krew
-          export PATH="${KREW_ROOT:-$HOME/.krew}/bin:$PATH"
-          kubectl krew install hlf
-
-          if [ -f "~/.bashrc" ]; then
-            echo 'export PATH="${KREW_ROOT:-$HOME/.krew}/bin:$PATH"' >> ~/.bashrc && source ~/.bashrc
-          fi
-
-          if [ -f "~/.zshrc" ]; then
-            echo 'export PATH="${KREW_ROOT:-$HOME/.krew}/bin:$PATH"' >> ~/.zshrc && source ~/.zshrc
-          fi
-          
-          helm repo add kfs "https://kfsoftware.github.io/hlf-helm-charts" --force-update
-          helm install hlf-operator --version=1.8.0 kfs/hlf-operator
-
-      - name: Build Fablo
-        run: |
-          shellcheck --version && \
-          yamllint -v && \
-          npm install && \
-          npm run build && \
-          ./fablo-build.sh
-
-      - name: fablo k8 tests
-        run: |
-          export PATH="${KREW_ROOT:-$HOME/.krew}/bin:$PATH"
-          e2e-network/k8s/test-01-simple-k8s.sh
+  #  test-k8:
+  #    needs: test-main
+  #    runs-on: ubuntu-latest
+  #    timeout-minutes: 30
+  #    steps:
+  #
+  #      - name: Check out repository code
+  #        uses: actions/checkout@v2
+  #
+  #      - name: install k8, hlf plugin and helm
+  #        run: |
+  #          curl -Lo ./kind https://kind.sigs.k8s.io/dl/v0.14.0/kind-linux-amd64
+  #          chmod +x ./kind
+  #          sudo mv ./kind /usr/local/bin/kind
+  #          kind create cluster --wait 5m
+  #          curl -fsSL -o get_helm.sh https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3
+  #          chmod 700 get_helm.sh
+  #          ./get_helm.sh
+  #          curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl"
+  #          chmod +x kubectl
+  #          sudo mv ./kubectl /usr/local/bin/kubectl
+  #          set -x; cd "$(mktemp -d)" &&
+  #          OS="$(uname | tr '[:upper:]' '[:lower:]')" &&
+  #          ARCH="$(uname -m | sed -e 's/x86_64/amd64/' -e 's/\(arm\)\(64\)\?.*/\1\2/' -e 's/aarch64$/arm64/')" &&
+  #          KREW="krew-${OS}_${ARCH}" &&
+  #          curl -fsSLO "https://github.com/kubernetes-sigs/krew/releases/latest/download/${KREW}.tar.gz" &&
+  #          tar zxvf "${KREW}.tar.gz" &&
+  #          ./"${KREW}" install krew
+  #          export PATH="${KREW_ROOT:-$HOME/.krew}/bin:$PATH"
+  #          kubectl krew install hlf
+  #
+  #          if [ -f "~/.bashrc" ]; then
+  #            echo 'export PATH="${KREW_ROOT:-$HOME/.krew}/bin:$PATH"' >> ~/.bashrc && source ~/.bashrc
+  #          fi
+  #
+  #          if [ -f "~/.zshrc" ]; then
+  #            echo 'export PATH="${KREW_ROOT:-$HOME/.krew}/bin:$PATH"' >> ~/.zshrc && source ~/.zshrc
+  #          fi
+  #
+  #          helm repo add kfs "https://kfsoftware.github.io/hlf-helm-charts" --force-update
+  #          helm install hlf-operator --version=1.8.0 kfs/hlf-operator
+  #
+  #      - name: Build Fablo
+  #        run: |
+  #          shellcheck --version && \
+  #          yamllint -v && \
+  #          npm install && \
+  #          npm run build && \
+  #          ./fablo-build.sh
+  #
+  #      - name: fablo k8 tests
+  #        run: |
+  #          export PATH="${KREW_ROOT:-$HOME/.krew}/bin:$PATH"
+  #          e2e-network/k8s/test-01-simple-k8s.sh
 
   test-02-raft:
     needs: test-main

e2e-network/TEST_CASES.md

@@ -2,9 +2,9 @@
 
 | Test case                 |    01-simple    |   02-raft   | 03-private |       04-snapshot        |
 | ------------------------- |:---------------:|:-----------:|:----------:|:------------------------:|
-| Fabric versions           |      2.4.7      |    2.3.2    |   1.4.11   |       2.3.3/2.4.2        |
+| Fabric versions           |      2.4.7      |    2.3.2    |   2.4.7    |       2.3.3/2.4.2        |
 | TLS                       |       no        |     yes     |     no     |           yes            |
-| Channel capabilities      |       v2        |     v2      |   v1_4_3   |            v2            |
+| Channel capabilities      |       v2        |     v2      |    v2_5    |            v2            |
 | Consensus                 |      solo       |    RAFT     |    solo    |           RAFT           |
 | Orderer nodes             |        1        |      3      |     1      |            1             |
 | Organizations             |        1        |      2      |     2      |            1             |
@@ -19,4 +19,4 @@
 | Java chaincode            |       no        |     yes     |     no     |            no            |
 | Go chaincode              |       no        |     no      |     no     |            no            |
 | Tools                     | channel scripts | Fablo REST  |     -      |  Fablo REST, Explorer    |
-| Other Fablo commands      |   init, reset   | stop, start |  -         | snapshot, prune, restore |
+| Other Fablo commands      |   init, reset   | stop, start |     -      | snapshot, prune, restore |

e2e-network/docker/test-03-private-data.sh

@@ -6,7 +6,9 @@ TEST_TMP="$(rm -rf "$0.tmpdir" && mkdir -p "$0.tmpdir" && (cd "$0.tmpdir" && pwd
 TEST_LOGS="$(mkdir -p "$0.logs" && (cd "$0.logs" && pwd))"
 FABLO_HOME="$TEST_TMP/../../.."
 
-FABLO_CONFIG="$FABLO_HOME/samples/fablo-config-hlf1.4-2orgs-2chaincodes-private-data.yaml"
+export FABLO_HOME
+
+FABLO_CONFIG="$FABLO_HOME/samples/fablo-config-hlf2-2orgs-2chaincodes-private-data.yaml"
 
 networkUp() {
   "$FABLO_HOME/fablo-build.sh"
@@ -30,11 +32,11 @@ waitForContainer() {
 }
 
 waitForChaincode() {
-  sh "$TEST_TMP/../wait-for-chaincode-v1.4.sh" "$1" "$2" "$3" "$4" "$5"
+  (cd "$TEST_TMP" && sh ../wait-for-chaincode.sh "$1" "$2" "$3" "$4")
 }
 
 expectInvoke() {
-  sh "$TEST_TMP/../expect-invoke-cli.sh" "$1" "$2" "$3" "$4" "$5" "$6" "$7"
+  (cd "$TEST_TMP" && sh ../expect-invoke-cli.sh "$1" "$2" "$3" "$4" "$5" "$6")
 }
 
 trap networkDown EXIT
@@ -44,67 +46,61 @@ trap 'networkDown ; echo "Test failed" ; exit 1' ERR SIGINT
 networkUp
 
 # check if network is ready
-waitForContainer "orderer0.group1.orderer.example.com" "Created and starting new chain my-channel1"
+waitForContainer "orderer0.group1.orderer.example.com" "Created and started new channel my-channel1"
 waitForContainer "ca.org1.example.com" "Listening on http://0.0.0.0:7054"
 waitForContainer "peer0.org1.example.com" "Joining gossip network of channel my-channel1 with 2 organizations"
 waitForContainer "ca.org2.example.com" "Listening on http://0.0.0.0:7054"
 waitForContainer "peer0.org2.example.com" "Joining gossip network of channel my-channel1 with 2 organizations"
 
-waitForChaincode "cli.org1.example.com" "peer0.org1.example.com:7041" "my-channel1" "or-policy-chaincode" "0.0.1"
-waitForChaincode "cli.org2.example.com" "peer0.org2.example.com:7061" "my-channel1" "or-policy-chaincode" "0.0.1"
-waitForChaincode "cli.org1.example.com" "peer0.org1.example.com:7041" "my-channel1" "and-policy-chaincode" "0.0.1"
-waitForChaincode "cli.org2.example.com" "peer0.org2.example.com:7061" "my-channel1" "and-policy-chaincode" "0.0.1"
+waitForChaincode "peer0.org1.example.com" "my-channel1" "or-policy-chaincode" "0.0.1"
+waitForChaincode "peer0.org2.example.com" "my-channel1" "or-policy-chaincode" "0.0.1"
+waitForChaincode "peer0.org1.example.com" "my-channel1" "and-policy-chaincode" "0.0.1"
+waitForChaincode "peer0.org2.example.com" "my-channel1" "and-policy-chaincode" "0.0.1"
 
 sleep 3 # extra time needed: peers need to discover themselves before private data call.
 
 # Org1: Test chaincode with transient fields and private data
-expectInvoke "cli.org1.example.com" "peer0.org1.example.com:7041" "my-channel1" "or-policy-chaincode" \
+expectInvoke "peer0.org1.example.com" "my-channel1" "or-policy-chaincode" \
   '{"Args":["KVContract:putPrivateMessage", "org1-collection"]}' \
   '{\"success\":\"OK\"}' \
   '{"message":"VmVyeSBzZWNyZXQgbWVzc2FnZQ=="}'
-expectInvoke "cli.org1.example.com" "peer0.org1.example.com:7041" "my-channel1" "or-policy-chaincode" \
+expectInvoke "peer0.org1.example.com" "my-channel1" "or-policy-chaincode" \
   '{"Args":["KVContract:getPrivateMessage", "org1-collection"]}' \
   '{\"success\":\"Very secret message\"}'
-expectInvoke "cli.org1.example.com" "peer0.org1.example.com:7041" "my-channel1" "or-policy-chaincode" \
+expectInvoke "peer0.org1.example.com" "my-channel1" "or-policy-chaincode" \
   '{"Args":["KVContract:verifyPrivateMessage", "org1-collection"]}' \
   '{\"success\":\"OK\"}' \
   '{"message":"VmVyeSBzZWNyZXQgbWVzc2FnZQ=="}'
 
 # Org2: Access private data from org1-collection
-expectInvoke "cli.org2.example.com" "peer0.org2.example.com:7061" "my-channel1" "or-policy-chaincode" \
+expectInvoke "peer0.org2.example.com" "my-channel1" "or-policy-chaincode" \
   '{"Args":["KVContract:verifyPrivateMessage", "org1-collection"]}' \
   '{\"success\":\"OK\"}' \
   '{"message":"VmVyeSBzZWNyZXQgbWVzc2FnZQ=="}'
-expectInvoke "cli.org2.example.com" "peer0.org2.example.com:7061" "my-channel1" "or-policy-chaincode" \
+expectInvoke "peer0.org2.example.com" "my-channel1" "or-policy-chaincode" \
   '{"Args":["KVContract:verifyPrivateMessage", "org1-collection"]}' \
   '{\"error\":\"VERIFICATION_FAILED\"}' \
   '{"message":"XXXXXSBzZWNyZXQgbWVzc2FnZQ=="}'
-expectInvoke "cli.org2.example.com" "peer0.org2.example.com:7061" "my-channel1" "or-policy-chaincode" \
+expectInvoke "peer0.org2.example.com" "my-channel1" "or-policy-chaincode" \
   '{"Args":["KVContract:getPrivateMessage", "org1-collection"]}' \
   'tx creator does not have read access permission on privatedata in chaincodeName:or-policy-chaincode collectionName: org1-collection'
-
-# Warning: Org2 with no read access can override private data of Org1.
-expectInvoke "cli.org2.example.com" "peer0.org2.example.com:7061" "my-channel1" "or-policy-chaincode" \
+expectInvoke "peer0.org2.example.com" "my-channel1" "or-policy-chaincode" \
   '{"Args":["KVContract:putPrivateMessage", "org1-collection"]}' \
-  '{\"success\":\"OK\"}' \
+  'tx creator does not have write access permission on privatedata in chaincodeName:or-policy-chaincode collectionName: org1-collection' \
   '{"message":"Q29ycnVwdGVkIG1lc3NhZ2U="}'
-# Read of corrupted message will fail with MVCC_READ_CONFLICT if the Org1 has one peer in the channel, but succeed otherwise
-expectInvoke "cli.org1.example.com" "peer0.org1.example.com:7041" "my-channel1" "or-policy-chaincode" \
-  '{"Args":["KVContract:getPrivateMessage", "org1-collection"]}' \
-  '{\"success\":\"Corrupted message\"}'
 
-# The issue exists even for chaincodes with AND endorsement policy
-expectInvoke "cli.org1.example.com" "peer0.org1.example.com:7041,peer0.org2.example.com:7061" "my-channel1" "and-policy-chaincode" \
-  '{"Args":["KVContract:putPrivateMessage", "org1-collection"]}' \
-  '{\"success\":\"OK\"}' \
-  '{"message":"RG9udCBjaGFuZ2UgbWUgcGx6"}'
-expectInvoke "cli.org2.example.com" "peer0.org2.example.com:7061,peer0.org1.example.com:7041" "my-channel1" "and-policy-chaincode" \
-  '{"Args":["KVContract:getPrivateMessage", "org1-collection"]}' \
-  'tx creator does not have read access permission on privatedata in chaincodeName:and-policy-chaincode collectionName: org1-collection'
-expectInvoke "cli.org2.example.com" "peer0.org2.example.com:7061,peer0.org1.example.com:7041" "my-channel1" "and-policy-chaincode" \
-  '{"Args":["KVContract:putPrivateMessage", "org1-collection"]}' \
-  '{\"success\":\"OK\"}' \
-  '{"message":"QW5kIGFub3RoZXIgb25l"}'
-expectInvoke "cli.org1.example.com" "peer0.org1.example.com:7041,peer0.org2.example.com:7061" "my-channel1" "and-policy-chaincode" \
-  '{"Args":["KVContract:getPrivateMessage", "org1-collection"]}' \
-  'Error: could not assemble transaction: ProposalResponsePayloads do not match'
+# TODO to be added in https://github.com/hyperledger-labs/fablo/issues/466
+#expectInvoke "peer0.org1.example.com,peer0.org2.example.com" "my-channel1" "and-policy-chaincode" \
+#  '{"Args":["KVContract:putPrivateMessage", "both-orgs-collection"]}' \
+#  '{\"success\":\"OK\"}' \
+#  '{"message":"RG9udCBjaGFuZ2UgbWUgcGx6"}'
+#expectInvoke "peer0.org2.example.com,peer0.org1.example.com" "my-channel1" "and-policy-chaincode" \
+#  '{"Args":["KVContract:getPrivateMessage", "both-orgs-collection"]}' \
+#  'tx creator does not have read access permission on privatedata in chaincodeName:and-policy-chaincode collectionName: org1-collection'
+#expectInvoke "peer0.org2.example.com,peer0.org1.example.com" "my-channel1" "and-policy-chaincode" \
+#  '{"Args":["KVContract:putPrivateMessage", "both-orgs-collection"]}' \
+#  '{\"success\":\"OK\"}' \
+#  '{"message":"QW5kIGFub3RoZXIgb25l"}'
+#expectInvoke "peer0.org1.example.com,peer0.org2.example.com" "my-channel1" "and-policy-chaincode" \
+#  '{"Args":["KVContract:getPrivateMessage", "both-orgs-collection"]}' \
+#  'Error: could not assemble transaction: ProposalResponsePayloads do not match'