Merge pull request #2617 from saurabhkumarkardam/quorum-2614

[quorum] refactor quorum ansible codebase
hyperledger · Aug 24, 2024 · da424e4 · da424e4
2 parents aadc974 + c5c64f6
commit da424e4
Show file tree

Hide file tree

Showing 27 changed files with 311 additions and 233 deletions.
diff --git a/platforms/network-schema.json b/platforms/network-schema.json
@@ -267,7 +267,8 @@
                 "type": "string",
                 "enum": [
                   "21.4.2",
-                  "23.4.0"
+                  "23.4.0",
+                  "24.4.1"
                 ]
               },
               "env": {

diff --git a/platforms/quorum/charts/quorum-genesis/Chart.yaml b/platforms/quorum/charts/quorum-genesis/Chart.yaml
@@ -1,4 +1,4 @@
-apiVersion: v1
+apiVersion: v2
 name: quorum-genesis
 description: "Quorum: This Helm chart deploys genesis."
 type: application

diff --git a/platforms/quorum/charts/quorum-node/requirements.yaml b/platforms/quorum/charts/quorum-node/requirements.yaml
@@ -10,12 +10,12 @@ dependencies:
     repository: "file://../quorum-tessera-node"
     tags:
       - tessera
-    version: ~1.0.0
+    version: ~1.1.0
     condition: tessera.enabled
   - name: quorum-tls-gen
     alias: tls
     repository: "file://../quorum-tlscert-gen"
     tags:
       - bevel
-    version: ~1.0.0
+    version: ~1.1.0
     condition: tls.enabled
diff --git a/platforms/quorum/charts/quorum-node/values.yaml b/platforms/quorum/charts/quorum-node/values.yaml
@@ -98,7 +98,8 @@ node:
 image:
   quorum:
     repository: quorumengineering/quorum
-    tag: 22.7.1
+    # latest is equivalent to 24.4.1
+    tag: latest    # latest | 22.7.1
   hooks:
     repository: ghcr.io/hyperledger/bevel-k8s-hooks
     tag: qgt-0.2.12

diff --git a/platforms/quorum/configuration/cleanup.yaml b/platforms/quorum/configuration/cleanup.yaml
@@ -27,11 +27,10 @@
         kubernetes: "{{ item.k8s }}"
       loop: "{{ network['organizations'] }}"
 
-    # Delete build directory
-    - name: Remove build directory
-      file:
-        path: "./build"
-        state: absent
+    # Clean up helpers directory
+    - name: "Clean up helpers directory"
+      include_role:
+        name: delete/local_directories
 
   #These variables can be overriden from the command line
   vars:

diff --git a/platforms/quorum/configuration/deploy-network.yaml b/platforms/quorum/configuration/deploy-network.yaml
@@ -4,13 +4,15 @@
 #  SPDX-License-Identifier: Apache-2.0
 ##############################################################################################
 
+##############################################################################################
 # This playbook deploys a DLT network on existing Kubernetes clusters
 # The Kubernetes clusters should already be created and the infomation to connect to the
 #  clusters be updated in the network.yaml file that is used as an input to this playbook
 ###########################################################################################
 # To Run this playbook from this directory, use the following command (network.yaml also in this directory)
 #  ansible-playbook deploy-network.yaml -e "@./network.yaml"
 ############################################################################################
+
 # Please ensure that the ../../shared/configuration playbooks have been run using the same network.yaml
 - hosts: ansible_provisioners
   gather_facts: no
@@ -21,7 +23,12 @@
     file:
       path: "./build"
       state: absent
-
+
+  # Validate input network.yaml
+  - name: "Validating network.yaml"
+    include_role:
+      name: check/validation
+
   # create namespace
   - name: "Create namespace"
     include_role:
@@ -46,63 +53,35 @@
       loop_var: org
     when: 
     - org.org_status is not defined or org.org_status == 'new'
-
-  # Execute primary genesis for the first organization
-  - name: "Setup primary genesis with first org as Validators"
-    include_role:
-      name: setup/genesis/primary
-    vars:
-      build_path: "./build"
-      org: "{{ network['organizations'] | first }}"
-      name: "{{ org.name | lower }}"
-      component_ns: "{{ org.name | lower }}-quo"
-      kubernetes: "{{ org.k8s }}"
-      vault: "{{ org.vault }}"
-      gitops: "{{ org.gitops }}"
-      charts_dir: "{{ org.gitops.chart_source }}"
-      values_dir: "./build/{{ component_ns }}"
-    when: 
-      - not (add_new_org | bool)
-
-  # # This role deploy validator nodes
-  - name: "Deploy validator nodes"
+
+  # Install primary Genesis
+  - name: "Install primary Genesis"
     include_role:
-      name: create/validator_node
+      name: setup/genesis/primary_genesis
     vars:
-      build_path: "./build"
-      org: "{{ network['organizations'] | first }}"
-      name: "{{ org.name | lower }}"
-      component_ns: "{{ org.name | lower }}-quo"
-      kubernetes: "{{ org.k8s }}"
-      vault: "{{ org.vault }}"
-      gitops: "{{ org.gitops }}"
-      charts_dir: "{{ org.gitops.chart_source }}"
-      values_dir: "{{playbook_dir}}/../../../{{org.gitops.release_dir}}/{{ component_ns }}"
-    when: 
-    - org.org_status is not defined or org.org_status == 'new'
-
-  # Deploy member nodes
-  - name: "Deploy member nodes with tessera transaction manager"
+      validator_count: "{{ total_validators | int }}"
+
+  # Deploy nodes
+  - name: "Deploy nodes"
     include_role:
-      name: create/member_node
+      name: setup/nodes
     vars:
-      build_path: "./build"
+      org_name: "{{ org.name | lower }}"
+      component_ns: "{{ org_name }}-quo"
+      validators: "{{ org.services.validators }}"
+      members: "{{ org.services.peers }}"
+      cloud_provider: "{{ org.cloud_provider | lower }}"
       kubernetes: "{{ org.k8s }}"
-      name: "{{ org.name | lower }}"
-      firstorg: "{{ network['organizations'] | first }}"
-      consensus: "{{ network.config.consensus }}"
-      component_ns: "{{ org.name | lower }}-quo"
       vault: "{{ org.vault }}"
       gitops: "{{ org.gitops }}"
       charts_dir: "{{ org.gitops.chart_source }}"
-      values_dir: "{{playbook_dir}}/../../../{{org.gitops.release_dir}}/{{ component_ns }}"
-      geth_data: "{{ network.config.bootnode | default('null') }}"
+      values_dir: "{{playbook_dir}}/../../../{{org.gitops.release_dir}}/{{ org_name }}"
+      current_org_index: "{{ org_index }}"
     loop: "{{ network['organizations'] }}"
     loop_control:
       loop_var: org
-    when: 
-      - org.org_status is not defined or org.org_status == 'new'
-
+      index_var: org_index
+
   #These variables can be overriden from the command line
   vars:
     install_os: "linux"           # Default to linux OS

diff --git a/platforms/quorum/configuration/roles/check/validation/tasks/count_validators.yaml b/platforms/quorum/configuration/roles/check/validation/tasks/count_validators.yaml
@@ -0,0 +1,14 @@
+##############################################################################################
+#  Copyright Accenture. All Rights Reserved.
+#
+#  SPDX-License-Identifier: Apache-2.0
+##############################################################################################
+
+# Counting the number of validator nodes
+- name: "Count validator nodes"
+  set_fact:
+    total_validators: "{{ total_validators | int + 1 }}"
+  loop: "{{ validators }}"
+  loop_control:
+    loop_var: validator
+  when: validator is defined
diff --git a/platforms/quorum/configuration/roles/check/validation/tasks/main.yaml b/platforms/quorum/configuration/roles/check/validation/tasks/main.yaml
@@ -0,0 +1,26 @@
+##############################################################################################
+#  Copyright Accenture. All Rights Reserved.
+#
+#  SPDX-License-Identifier: Apache-2.0
+##############################################################################################
+
+# Set initial counter for validators
+- name: Set initial validator count
+  set_fact:
+    total_validators: 0
+
+# Count Validato nodes in the first organization
+- name: Count Validato nodes in the first organization
+  include_tasks: count_validators.yaml
+  vars:
+    org: "{{ network['organizations'] | first }}"
+    validators: "{{ org.services.validators }}"
+
+# Fail if total validators are less than 4
+- name: Fail if total validators are less than 4
+  fail:
+    msg: |
+      The first organization, {{ (network['organizations'] | first).name }}, must have at least 4 validators.
+      The first four validators must be named in the following order: validator-0, validator-1, validator-2, validator-3.
+      Note: Beyond the initial four, custom names can be defined as needed.
+  when: (total_validators | int) < 4
diff --git a/...helm_component/templates/memberquorum.tpl → ...elm_component/templates/member_quorum.tpl b/...helm_component/templates/memberquorum.tpl → ...elm_component/templates/member_quorum.tpl
@@ -25,15 +25,15 @@ spec:
         type: {{ vault.type | default("hashicorp") }}
         network: quorum
         address: {{ vault.url }}
-        secretPrefix: "data/{{ network.env.type }}{{ name }}"
+        secretPrefix: "data/{{ network.env.type }}{{ org_name }}"
         secretEngine: {{ vault.secret_path | default("secretsv2") }}
         role: vault-role
-        authPath: {{ network.env.type }}{{ name }}
+        authPath: {{ network.env.type }}{{ org_name }}
       proxy:
         provider: ambassador
         externalUrlSuffix: {{ org.external_url_suffix }}
-        p2p: {{ peer.p2p.ambassador }}
-        tmport: {{ peer.tm_nodeport.ambassador | default(443) }}
+        p2p: {{ member.p2p.ambassador }}
+        tmport: {{ member.tm_nodeport.ambassador | default(443) }}
     storage:
       size: "2Gi"
     tessera:

diff --git a/...m_component/templates/validatorquorum.tpl → ..._component/templates/validator_quorum.tpl b/...m_component/templates/validatorquorum.tpl → ..._component/templates/validator_quorum.tpl
@@ -23,13 +23,17 @@ spec:
         cloudNativeServices: false
       vault:
         address: {{ vault.url }}
-        secretPrefix: data/{{ network.env.type }}{{ name }}
+        secretPrefix: data/{{ network.env.type }}{{ org_name }}
         network: quorum
         role: vault-role
-        authPath: {{ network.env.type }}{{ name }}
+        authPath: {{ network.env.type }}{{ org_name }}
         type: {{ vault.type | default("hashicorp") }}
         secretEngine: {{ vault.secret_path | default("secretsv2") }}
       proxy:
         provider: "ambassador"
         externalUrlSuffix: {{ org.external_url_suffix }}
-        p2p: {{ peer.p2p.ambassador }}
+        p2p: {{ validator.p2p.ambassador }}
+    tessera:
+      enabled: false
+    tls:
+      enabled: false
diff --git a/platforms/quorum/configuration/roles/create/helm_component/vars/main.yaml b/platforms/quorum/configuration/roles/create/helm_component/vars/main.yaml
@@ -7,8 +7,8 @@
 helm_templates:
   quorum_tessera: tessera.tpl
   quorum: quorum.tpl
-  validatorquorum: validatorquorum.tpl
-  memberquorum: memberquorum.tpl
+  validator_quorum: validator_quorum.tpl
+  member_quorum: member_quorum.tpl
   crypto_tessera: crypto_tessera.tpl
   crypto_ibft_job: crypto_ibft_job.tpl
   certs-ambassador-quorum: certs-ambassador-quorum.tpl

diff --git a/platforms/quorum/configuration/roles/create/member_node/tasks/main.yaml b/platforms/quorum/configuration/roles/create/member_node/tasks/main.yaml
@@ -4,31 +4,12 @@
 #  SPDX-License-Identifier: Apache-2.0
 ##############################################################################################
 
-# Execute only for members
-- name: Perform secondary genesis
-  include_role:
-    name: setup/genesis/secondary
-  vars:
-    values_dir: "./build/{{ component_ns }}"
-  when: org.type == 'member'
-
-# Get the Genesis and staticnodes
-- name: Get genesis and staticnodes
-  include_role: 
-    name: get/genesis
-  when: org.type == 'member' and org.services.peers is defined
-
-# Creates the Quorum node value files for each node of organization
-- name: Create value file for Quorum node
+# Create value file for member node
+- name: Create value file for member node
   include_role:
     name: create/helm_component
   vars:
-    component_name: "{{ peer.name }}"
-    type: "memberquorum"
-  loop: "{{ org.services.peers }}"
-  loop_control:
-    loop_var: peer
-  when: org.services.peers is defined
+    type: "member_quorum"
 
 # Pushes the above generated files to git directory 
 - name: Git Push
@@ -37,17 +18,13 @@
   vars:
     GIT_DIR: "{{ playbook_dir }}/../../../"
     msg: "[ci skip] Pushing Member node files"
-  when: org.services.peers is defined
 
 # Wait for the last Member to be running
 - name: "Wait for the last member to run"
   include_role:
     name: "{{ playbook_dir }}/../../shared/configuration/roles/check/helm_component"
   vars:
-    member: "{{ org.services.peers | last }}"
     label_selectors:
-      - app.kubernetes.io/release = {{ member.name | lower }}
+      - app.kubernetes.io/release = {{ component_name }}
     component_type: "Pod"
-    component_name: "{{ member.name | lower }}"
     namespace: "{{ component_ns }}"
-  when: org.services.peers is defined
diff --git a/platforms/quorum/configuration/roles/create/validator_node/tasks/main.yaml b/platforms/quorum/configuration/roles/create/validator_node/tasks/main.yaml
@@ -1,44 +1,24 @@
-##############################################################################################
-#  Copyright Accenture. All Rights Reserved.
-#
-#  SPDX-License-Identifier: Apache-2.0
-##############################################################################################
-
-# This task creates helm release file for each validator node of organization
-- name: Create helm release file for each validator node of organization
+# Create value file for validator node
+- name: Create value file for validator node
   include_role:
     name: create/helm_component
   vars:
-    component_name: "{{ peer.name }}"
-    type: "validatorquorum"
-  loop: "{{ org.services.validators }}"
-  loop_control:
-    loop_var: peer
-  when: org.services.validators is defined
+    type: "validator_quorum"
 
 # Git Push : Pushes the above generated files to git 
 - name: Git Push
   include_role: 
     name: "{{ playbook_dir }}/../../shared/configuration/roles/git_push"
   vars:
     GIT_DIR: "{{ playbook_dir }}/../../../"
-    msg: "[ci skip] Pushing Validator files"
-  when: org.services.validators is defined
+    msg: "[ci skip] Pushing Validator Helm release file"
 
 # Wait for the last validator to be running
 - name: "Wait for the last validator to run"
   include_role:
     name: "{{ playbook_dir }}/../../shared/configuration/roles/check/helm_component"
   vars:
-    validator: "{{ org.services.validators | last }}"
     label_selectors:
-      - app.kubernetes.io/release = {{ validator.name | lower }}
+      - app.kubernetes.io/release = {{ component_name }}
     component_type: "Pod"
     namespace: "{{ component_ns }}"
-  when: org.services.validators is defined
-
-# Get the Genesis and staticnodes
-- name: Get genesis and staticnodes
-  include_role: 
-    name: get/genesis
-  when: org.services.validators is defined
diff --git a/platforms/quorum/configuration/roles/delete/local_directories/tasks/main.yaml b/platforms/quorum/configuration/roles/delete/local_directories/tasks/main.yaml
@@ -0,0 +1,25 @@
+##############################################################################################
+#  Copyright Accenture. All Rights Reserved.
+#
+#  SPDX-License-Identifier: Apache-2.0
+##############################################################################################
+
+# Find and delete .json files in platforms/quorum/charts/quorum-genesis/files directory
+- name: "Find .json files in quorum-genesis files directory"
+  find:
+    paths: "{{ playbook_dir }}/../../quorum/charts/quorum-genesis/files"
+    patterns: "*.json"
+  register: genesis_and_static_node
+
+# Delete .json files in quorum-genesis files directory
+- name: "Delete .json files in quorum-genesis files directory"
+  file:
+    path: "{{ item.path }}"
+    state: absent
+  loop: "{{ genesis_and_static_node.files }}"
+
+# Delete the build directory in platforms/quorum/configuration
+- name: "Remove build directory from configuration"
+  file:
+    path: "{{ playbook_dir }}/../../quorum/configuration/build"
+    state: absent