FAB-1338: Include all config and cert files

This change ensures that all of the necessary
sample files are included in the cop image that
is needed in order for a client/peer to connect
successfully.

It should be noted that each peer must have it's
own certificate included in the cop_client.json
file and in the correct volume.

Change-Id: I9204f026f9f5cafca1b6994591f2e214c6345d81
Signed-off-by: Latitia M Haskins <[email protected]>

Makefile

@@ -107,6 +107,11 @@ build/image/$(PROJECT_NAME)-runtime/payload:	build/docker/busybox
 
 build/image/%/payload:
 	mkdir -p $@
+	cp images/cop/root.pem $@/root.pem
+	cp images/cop/tls_client-cert.pem $@/tls_client-cert.pem
+	cp images/cop/tls_client-key.pem $@/tls_client-key.pem
+	cp images/cop/ec.pem $@/ec.pem
+	cp images/cop/ec-key.pem $@/ec-key.pem
 	cp $^ $@
 
 build/image/%/$(DUMMY): Makefile build/image/%/payload

docker/docker-compose-cop.yml

@@ -1,45 +1,45 @@
 cop:
-   image: fabric-cop:latest
+   image: hyperledger/fabric-cop
    ports:
      - "8888:8888"
    environment:
      - CA_CERTIFICATE=${CA_CERTIFICATE}
      - CA_KEY_CERTIFICATE=${CA_KEY_CERTIFICATE}
      - COP_CONFIG=${COP_CONFIG}
    volumes:
-     - /config:/var/hyperledger/cop_config
-     - /root/.cop:/var/hyperledger/fabric/.cop
-   command: sh -c 'cop server start -ca ~/.cop/$CA_CERTIFICATE -ca-key ~/.cop/$CA_KEY_CERTIFICATE -config /config/$COP_CONFIG -address "0.0.0.0"'
+     - /etc/hyperledger/fabric-cop:/var/hyperledger/fabric-cop/config
+     - /.cop:/var/hyperledger/fabric/.cop
+   command: sh -c 'sleep 1;cop server start -ca /.cop/$CA_CERTIFICATE -ca-key /.cop/$CA_KEY_CERTIFICATE -config /etc/hyperledger/fabric-cop/$COP_CONFIG -address "0.0.0.0"'
 
 admin-client:
-   image: fabric-cop:latest
+   image: hyperledger/fabric-cop
    environment:
      - CSR_CONFIG=${CSR_CONFIG}
    volumes:
-     - /config:/var/hyperledger/cop_config
-     - /root/.cop:/var/hyperledger/fabric/.cop
-   command: sh -c "sleep 5;cop client enroll admin adminpw http://cop:8888 /config/$CSR_CONFIG"
+     - /etc/hyperledger/fabric-cop:/var/hyperledger/fabric-cop/config
+     - /.cop:/var/hyperledger/fabric/.cop
+   command: sh -c "sleep 5;cop client enroll admin adminpw http://cop:8888 /etc/hyperledger/fabric-cop/$CSR_CONFIG"
    links:
      - cop
 
 sdk-client:
-   image: fabric-cop:latest
+   image: hyperledger/fabric-cop
    environment:
      - CSR_CONFIG=${CSR_CONFIG}
    volumes:
-     - /config:/var/hyperledger/cop_config
-     - /root/.cop:/var/hyperledger/fabric/.cop
-   command: sh -c "sleep 5;cop client enroll sdk sdkpw http://cop:8888 /config/$CSR_CONFIG"
+     - /etc/hyperledger/fabric-cop:/var/hyperledger/fabric-cop/config
+     - /.cop:/var/hyperledger/fabric/.cop
+   command: sh -c "sleep 5;cop client enroll sdk sdkpw http://cop:8888 /etc/hyperledger/fabric-cop/$CSR_CONFIG"
    links:
      - cop
 
 bob-client:
-   image: fabric-cop:latest
+   image: hyperledger/fabric-cop
    environment:
      - CSR_CONFIG=${CSR_CONFIG}
    volumes:
-     - /config:/var/hyperledger/cop_config
-     - /root/.cop:/var/hyperledger/fabric/.cop
-   command: sh -c "sleep 5;cop client enroll bob bobpw http://cop:8888 /config/$CSR_CONFIG"
+     - /etc/hyperledger/fabric-cop:/var/hyperledger/fabric-cop/config
+     - /.cop:/var/hyperledger/fabric/.cop
+   command: sh -c "sleep 5;cop client enroll bob bobpw http://cop:8888 /etc/hyperledger/fabric-cop/$CSR_CONFIG"
    links:
      - cop

images/cop/Dockerfile.in

@@ -2,6 +2,20 @@ FROM hyperledger/fabric-cop-runtime:_TAG_
 ENV COP_HOME /etc/hyperledger/fabric-cop
 RUN mkdir -p $COP_HOME /var/hyperledger/fabric-cop
 COPY payload/cop /usr/local/bin
+
+# Copy the configuration files
 ADD payload/sampleconfig.tar.bz2 $COP_HOME
+#COPY payload/cop.json /config/cop.json
+#COPY payload/cop-psql.json /config/cop-psql.json
+#COPY payload/csr.json /config/csr.json
+#COPY payload/cop_client.json /etc/hyperledger/fabric-cop/cop_client.json
+
+# Copy the same certificates that are currently hardcoded into the peers
+COPY payload/root.pem /.cop/root.pem
+COPY payload/tls_client-cert.pem /.cop/tls_client-cert.pem
+COPY payload/tls_client-key.pem /.cop/tls_client-key.pem
+COPY payload/ec-key.pem /.cop/ec-key.pem
+COPY payload/ec.pem /.cop/ec.pem
+
 EXPOSE 8888
 CMD cop server start -address 0.0.0.0 -config $COP_HOME/cop.json

images/cop/config/cop_client.json

@@ -0,0 +1,5 @@
+{
+"ca_certfiles":["/root/.cop/root.pem"],
+"client":{"keyfile":"/root/.cop/tls_client-key.pem",
+    "certfile":"/root/.cop/tls_client-cert.pem"}
+}

images/cop/ec-key.pem

@@ -0,0 +1,5 @@
+-----BEGIN EC PRIVATE KEY-----
+MHcCAQEEINs5XopZVBEWTsUCCF8mU4H14/UN1alo+j5BzBQZ0PKtoAoGCCqGSM49
+AwEHoUQDQgAEogflvYlpKaqJBcfKoL5yaScgJwWLkB11WOxCLMNXq5ni/qz49aIn
+LN8D+tO0y9gA+r/J4QekFQHWPTnebGekyw==
+-----END EC PRIVATE KEY-----

images/cop/ec.pem

@@ -0,0 +1,15 @@
+-----BEGIN CERTIFICATE-----
+MIICYjCCAgmgAwIBAgIUB3CTDOU47sUC5K4kn/Caqnh114YwCgYIKoZIzj0EAwIw
+fzELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDVNh
+biBGcmFuY2lzY28xHzAdBgNVBAoTFkludGVybmV0IFdpZGdldHMsIEluYy4xDDAK
+BgNVBAsTA1dXVzEUMBIGA1UEAxMLZXhhbXBsZS5jb20wHhcNMTYxMDEyMTkzMTAw
+WhcNMjExMDExMTkzMTAwWjB/MQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZv
+cm5pYTEWMBQGA1UEBxMNU2FuIEZyYW5jaXNjbzEfMB0GA1UEChMWSW50ZXJuZXQg
+V2lkZ2V0cywgSW5jLjEMMAoGA1UECxMDV1dXMRQwEgYDVQQDEwtleGFtcGxlLmNv
+bTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABKIH5b2JaSmqiQXHyqC+cmknICcF
+i5AddVjsQizDV6uZ4v6s+PWiJyzfA/rTtMvYAPq/yeEHpBUB1j053mxnpMujYzBh
+MA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBQXZ0I9
+qp6CP8TFHZ9bw5nRtZxIEDAfBgNVHSMEGDAWgBQXZ0I9qp6CP8TFHZ9bw5nRtZxI
+EDAKBggqhkjOPQQDAgNHADBEAiAHp5Rbp9Em1G/UmKn8WsCbqDfWecVbZPQj3RK4
+oG5kQQIgQAe4OOKYhJdh3f7URaKfGTf492/nmRmtK+ySKjpHSrU=
+-----END CERTIFICATE-----

images/cop/root.pem

@@ -0,0 +1,15 @@
+-----BEGIN CERTIFICATE-----
+MIICYjCCAgmgAwIBAgIUB3CTDOU47sUC5K4kn/Caqnh114YwCgYIKoZIzj0EAwIw
+fzELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDVNh
+biBGcmFuY2lzY28xHzAdBgNVBAoTFkludGVybmV0IFdpZGdldHMsIEluYy4xDDAK
+BgNVBAsTA1dXVzEUMBIGA1UEAxMLZXhhbXBsZS5jb20wHhcNMTYxMDEyMTkzMTAw
+WhcNMjExMDExMTkzMTAwWjB/MQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZv
+cm5pYTEWMBQGA1UEBxMNU2FuIEZyYW5jaXNjbzEfMB0GA1UEChMWSW50ZXJuZXQg
+V2lkZ2V0cywgSW5jLjEMMAoGA1UECxMDV1dXMRQwEgYDVQQDEwtleGFtcGxlLmNv
+bTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABKIH5b2JaSmqiQXHyqC+cmknICcF
+i5AddVjsQizDV6uZ4v6s+PWiJyzfA/rTtMvYAPq/yeEHpBUB1j053mxnpMujYzBh
+MA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBQXZ0I9
+qp6CP8TFHZ9bw5nRtZxIEDAfBgNVHSMEGDAWgBQXZ0I9qp6CP8TFHZ9bw5nRtZxI
+EDAKBggqhkjOPQQDAgNHADBEAiAHp5Rbp9Em1G/UmKn8WsCbqDfWecVbZPQj3RK4
+oG5kQQIgQAe4OOKYhJdh3f7URaKfGTf492/nmRmtK+ySKjpHSrU=
+-----END CERTIFICATE-----

images/cop/tls_client-cert.pem

@@ -0,0 +1,16 @@
+-----BEGIN CERTIFICATE-----
+MIICkDCCAjWgAwIBAgIUG8ebdjiChYrkdDXXAfd0piCE0EUwCgYIKoZIzj0EAwIw
+fzELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDVNh
+biBGcmFuY2lzY28xHzAdBgNVBAoTFkludGVybmV0IFdpZGdldHMsIEluYy4xDDAK
+BgNVBAsTA1dXVzEUMBIGA1UEAxMLZXhhbXBsZS5jb20wHhcNMTYxMjE1MTUwMTAw
+WhcNMTcxMjE1MTUwMTAwWjB3MQswCQYDVQQGEwJVUzEXMBUGA1UECBMOTm9ydGgg
+Q2Fyb2xpbmExEDAOBgNVBAcTB1JhbGVpZ2gxGzAZBgNVBAoTEkh5cGVybGVkZ2Vy
+IEZhYnJpYzEMMAoGA1UECxMDQ09QMRIwEAYDVQQDEwlsb2NhbGhvc3QwWTATBgcq
+hkjOPQIBBggqhkjOPQMBBwNCAARTkTXPc8PXZD+0Hr68B8RycPw0WEho97cMw/oq
+iw1C6sRHEKZ73a6N4nK7vCHgI0CNZpdcIS/c0p7PfZLUNJnPo4GWMIGTMA4GA1Ud
+DwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0T
+AQH/BAIwADAdBgNVHQ4EFgQUw8umSj56g4BFpMfP2UOZMI39NEowHwYDVR0jBBgw
+FoAUF2dCPaqegj/ExR2fW8OZ0bWcSBAwFAYDVR0RBA0wC4IJbG9jYWxob3N0MAoG
+CCqGSM49BAMCA0kAMEYCIQCF/eJ6/e05PxqeDxAag50HWF/G8EklrTdLWWMYJuHY
+HgIhAPlZk/aSYO5Eat0Ywg9FgmyFey2yPiWbtxs+ameOrdAC
+-----END CERTIFICATE-----

images/cop/tls_client-key.pem

@@ -0,0 +1,5 @@
+-----BEGIN EC PRIVATE KEY-----
+MHcCAQEEIDeqhgW+fezuKdH/rZyvfHcDLP16olZ6Ny+eotH30UODoAoGCCqGSM49
+AwEHoUQDQgAEU5E1z3PD12Q/tB6+vAfEcnD8NFhIaPe3DMP6KosNQurERxCme92u
+jeJyu7wh4CNAjWaXXCEv3NKez32S1DSZzw==
+-----END EC PRIVATE KEY-----