[FAB-9446] Peer CLI multi-endorse via string arrays

This CR add supports to the peer CLI for obtaining
multiple endorsements for an "invoke" call. The peers
and the paths to the TLS root cert files for the peers
are supplied via the --peerAddresses and --tlsRootCertFiles
string array pflags.

Change-Id: I087abc34b877b386defec012e70bb8391610d227
Signed-off-by: Will Lahti <wtlahti@us.ibm.com>

Author: wlahti

peer/chaincode/chaincode.go

@@ -1,5 +1,5 @@
 /*
-Copyright IBM Corp. 2016 All Rights Reserved.
+Copyright IBM Corp. All Rights Reserved.
 
 SPDX-License-Identifier: Apache-2.0
 */
@@ -63,6 +63,8 @@ var (
 	transient             string
 	collectionsConfigFile string
 	collectionConfigBytes []byte
+	peerAddresses         []string
+	tlsRootCertFiles      []string
 )
 
 var chaincodeCmd = &cobra.Command{
@@ -110,6 +112,10 @@ func resetFlags() {
 		"Get the instantiated chaincodes on a channel")
 	flags.StringVar(&collectionsConfigFile, "collections-config", common.UndefinedParamValue,
 		fmt.Sprint("The file containing the configuration for the chaincode's collection"))
+	flags.StringArrayVarP(&peerAddresses, "peerAddresses", "", []string{common.UndefinedParamValue},
+		fmt.Sprint("The addresses of the peers to connect to"))
+	flags.StringArrayVarP(&tlsRootCertFiles, "tlsRootCertFiles", "", []string{common.UndefinedParamValue},
+		fmt.Sprint("If TLS is enabled, the paths to the TLS root cert files of the peers to connect to. The order and number of certs specified should match the --peerAddresses flag"))
 }
 
 func attachFlags(cmd *cobra.Command, names []string) {

peer/chaincode/common.go

@@ -1,5 +1,5 @@
 /*
-Copyright IBM Corp. 2016 All Rights Reserved.
+Copyright IBM Corp. All Rights Reserved.
 
 SPDX-License-Identifier: Apache-2.0
 */
@@ -106,7 +106,7 @@ func chaincodeInvokeOrQuery(cmd *cobra.Command, invoke bool, cf *ChaincodeCmdFac
 		channelID,
 		invoke,
 		cf.Signer,
-		cf.EndorserClient,
+		cf.EndorserClients,
 		cf.BroadcastClient)
 
 	if err != nil {
@@ -229,35 +229,35 @@ func checkChaincodeCmdParams(cmd *cobra.Command) error {
 		if chaincodeVersion == common.UndefinedParamValue {
 			return fmt.Errorf("chaincode version is not provided for %s", cmd.Name())
 		}
-	}
 
-	if escc != common.UndefinedParamValue {
-		logger.Infof("Using escc %s", escc)
-	} else {
-		logger.Info("Using default escc")
-		escc = "escc"
-	}
+		if escc != common.UndefinedParamValue {
+			logger.Infof("Using escc %s", escc)
+		} else {
+			logger.Info("Using default escc")
+			escc = "escc"
+		}
 
-	if vscc != common.UndefinedParamValue {
-		logger.Infof("Using vscc %s", vscc)
-	} else {
-		logger.Info("Using default vscc")
-		vscc = "vscc"
-	}
+		if vscc != common.UndefinedParamValue {
+			logger.Infof("Using vscc %s", vscc)
+		} else {
+			logger.Info("Using default vscc")
+			vscc = "vscc"
+		}
 
-	if policy != common.UndefinedParamValue {
-		p, err := cauthdsl.FromString(policy)
-		if err != nil {
-			return fmt.Errorf("invalid policy %s", policy)
+		if policy != common.UndefinedParamValue {
+			p, err := cauthdsl.FromString(policy)
+			if err != nil {
+				return fmt.Errorf("invalid policy %s", policy)
+			}
+			policyMarshalled = putils.MarshalOrPanic(p)
 		}
-		policyMarshalled = putils.MarshalOrPanic(p)
-	}
 
-	if collectionsConfigFile != common.UndefinedParamValue {
-		var err error
-		collectionConfigBytes, err = getCollectionConfigFromFile(collectionsConfigFile)
-		if err != nil {
-			return errors.WithMessage(err, fmt.Sprintf("invalid collection configuration in file %s", collectionsConfigFile))
+		if collectionsConfigFile != common.UndefinedParamValue {
+			var err error
+			collectionConfigBytes, err = getCollectionConfigFromFile(collectionsConfigFile)
+			if err != nil {
+				return errors.WithMessage(err, fmt.Sprintf("invalid collection configuration in file %s", collectionsConfigFile))
+			}
 		}
 	}
 
@@ -291,52 +291,91 @@ func checkChaincodeCmdParams(cmd *cobra.Command) error {
 	return nil
 }
 
+func validatePeerConnectionParameters(cmdName string) error {
+	// currently only support multiple peer addresses for invoke
+	if cmdName != "invoke" && len(peerAddresses) > 1 {
+		return errors.Errorf("'%s' command can only be executed against one peer. received %d", cmdName, len(peerAddresses))
+	}
+
+	if len(tlsRootCertFiles) > len(peerAddresses) {
+		logger.Warningf("received more TLS root cert files (%d) than peer addresses (%d)", len(tlsRootCertFiles), len(peerAddresses))
+	}
+
+	if viper.GetBool("peer.tls.enabled") {
+		if len(tlsRootCertFiles) != len(peerAddresses) {
+			return errors.Errorf("number of peer addresses (%d) does not match the number of TLS root cert files (%d)", len(peerAddresses), len(tlsRootCertFiles))
+		}
+	} else {
+		tlsRootCertFiles = nil
+	}
+
+	return nil
+}
+
 // ChaincodeCmdFactory holds the clients used by ChaincodeCmd
 type ChaincodeCmdFactory struct {
-	EndorserClient  pb.EndorserClient
+	EndorserClients []pb.EndorserClient
 	Signer          msp.SigningIdentity
 	BroadcastClient common.BroadcastClient
 }
 
 // InitCmdFactory init the ChaincodeCmdFactory with default clients
-func InitCmdFactory(isEndorserRequired, isOrdererRequired bool) (*ChaincodeCmdFactory, error) {
+func InitCmdFactory(cmdName string, isEndorserRequired, isOrdererRequired bool) (*ChaincodeCmdFactory, error) {
 	var err error
-	var endorserClient pb.EndorserClient
+	var endorserClients []pb.EndorserClient
 	if isEndorserRequired {
-		endorserClient, err = common.GetEndorserClientFnc()
-		if err != nil {
-			return nil, fmt.Errorf("error getting endorser client %s: %s", chainFuncName, err)
+		if err = validatePeerConnectionParameters(cmdName); err != nil {
+			return nil, errors.WithMessage(err, "error validating peer connection parameters")
+		}
+		for i, address := range peerAddresses {
+			var tlsRootCertFile string
+			if tlsRootCertFiles != nil {
+				tlsRootCertFile = tlsRootCertFiles[i]
+			}
+			endorserClient, err := common.GetEndorserClientFnc(address, tlsRootCertFile)
+			if err != nil {
+				return nil, errors.WithMessage(err, fmt.Sprintf("error getting endorser client for %s", cmdName))
+			}
+			endorserClients = append(endorserClients, endorserClient)
+		}
+		if len(endorserClients) == 0 {
+			return nil, errors.New("no endorser clients retrieved - this might indicate a bug")
 		}
 	}
 
 	signer, err := common.GetDefaultSignerFnc()
 	if err != nil {
-		return nil, fmt.Errorf("error getting default signer: %s", err)
+		return nil, errors.WithMessage(err, "error getting default signer")
 	}
 
 	var broadcastClient common.BroadcastClient
 	if isOrdererRequired {
 		if len(common.OrderingEndpoint) == 0 {
+			if len(endorserClients) == 0 {
+				return nil, errors.New("orderer is required, but no ordering endpoint or endorser client supplied")
+			}
+			endorserClient := endorserClients[0]
+
 			orderingEndpoints, err := common.GetOrdererEndpointOfChainFnc(channelID, signer, endorserClient)
 			if err != nil {
-				return nil, fmt.Errorf("error getting (%s) orderer endpoint: %s", channelID, err)
+				return nil, errors.WithMessage(err, fmt.Sprintf("error getting channel (%s) orderer endpoint", channelID))
 			}
 			if len(orderingEndpoints) == 0 {
-				return nil, fmt.Errorf("error no orderer endpoint got for %s", channelID)
+				return nil, errors.Errorf("no orderer endpoints retrieved for channel %s", channelID)
 			}
-			logger.Infof("Get chain(%s) orderer endpoint: %s", channelID, orderingEndpoints[0])
+			logger.Infof("Retrieved channel (%s) orderer endpoint: %s", channelID, orderingEndpoints[0])
 			// override viper env
 			viper.Set("orderer.address", orderingEndpoints[0])
 		}
 
 		broadcastClient, err = common.GetBroadcastClientFnc()
 
 		if err != nil {
-			return nil, fmt.Errorf("error getting broadcast client: %s", err)
+			return nil, errors.WithMessage(err, "error getting broadcast client")
 		}
 	}
 	return &ChaincodeCmdFactory{
-		EndorserClient:  endorserClient,
+		EndorserClients: endorserClients,
 		Signer:          signer,
 		BroadcastClient: broadcastClient,
 	}, nil
@@ -356,7 +395,7 @@ func ChaincodeInvokeOrQuery(
 	cID string,
 	invoke bool,
 	signer msp.SigningIdentity,
-	endorserClient pb.EndorserClient,
+	endorserClients []pb.EndorserClient,
 	bc common.BroadcastClient,
 ) (*pb.ProposalResponse, error) {
 	// Build the ChaincodeInvocationSpec message
@@ -394,20 +433,30 @@ func ChaincodeInvokeOrQuery(
 	if err != nil {
 		return nil, fmt.Errorf("error creating signed proposal  %s: %s", funcName, err)
 	}
+	var responses []*pb.ProposalResponse
+	for _, endorser := range endorserClients {
+		proposalResp, err := endorser.ProcessProposal(context.Background(), signedProp)
+		if err != nil {
+			return nil, fmt.Errorf("error endorsing %s: %s", funcName, err)
+		}
+		responses = append(responses, proposalResp)
+	}
 
-	var proposalResp *pb.ProposalResponse
-	proposalResp, err = endorserClient.ProcessProposal(context.Background(), signedProp)
-	if err != nil {
-		return nil, fmt.Errorf("error endorsing %s: %s", funcName, err)
+	if len(responses) == 0 {
+		// this should only happen if some new code has introduced a bug
+		return nil, errors.New("no proposal responses received - this might indicate a bug")
 	}
+	// all responses will be checked when the signed transaction is created.
+	// for now, just set this so we check the first response's status
+	proposalResp := responses[0]
 
 	if invoke {
 		if proposalResp != nil {
 			if proposalResp.Response.Status >= shim.ERROR {
 				return proposalResp, nil
 			}
 			// assemble a signed transaction (it's an Envelope message)
-			env, err := putils.CreateSignedTx(prop, signer, proposalResp)
+			env, err := putils.CreateSignedTx(prop, signer, responses...)
 			if err != nil {
 				return proposalResp, fmt.Errorf("could not assemble transaction, err %s", err)
 			}

peer/chaincode/common_test.go

@@ -1,23 +1,15 @@
 /*
- Copyright Digital Asset Holdings, LLC 2016 All Rights Reserved.
+Copyright Digital Asset Holdings, LLC. All Rights Reserved.
+Copyright IBM Corp. All Rights Reserved.
 
- Licensed under the Apache License, Version 2.0 (the "License");
- you may not use this file except in compliance with the License.
- You may obtain a copy of the License at
-
-      http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License.
+SPDX-License-Identifier: Apache-2.0
 */
 
 package chaincode
 
 import (
 	"encoding/json"
+	"fmt"
 	"testing"
 
 	"github.com/golang/protobuf/proto"
@@ -26,11 +18,13 @@ import (
 	"github.com/hyperledger/fabric/common/tools/configtxgen/configtxgentest"
 	"github.com/hyperledger/fabric/common/tools/configtxgen/encoder"
 	genesisconfig "github.com/hyperledger/fabric/common/tools/configtxgen/localconfig"
+	"github.com/hyperledger/fabric/core/config/configtest"
 	"github.com/hyperledger/fabric/peer/common"
 	common2 "github.com/hyperledger/fabric/protos/common"
 	pb "github.com/hyperledger/fabric/protos/peer"
 	"github.com/hyperledger/fabric/protos/utils"
 	"github.com/spf13/cobra"
+	"github.com/spf13/viper"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
 )
@@ -217,3 +211,103 @@ func TestCollectionParsing(t *testing.T) {
 	assert.Error(t, err)
 	assert.Nil(t, cc)
 }
+
+func TestValidatePeerConnectionParams(t *testing.T) {
+	assert := assert.New(t)
+	viper.Reset()
+	cleanup := configtest.SetDevFabricConfigPath(t)
+	defer cleanup()
+
+	// TLS disabled
+	viper.Set("peer.tls.enabled", false)
+
+	// failure - more than one peer and TLS root cert - not invoke
+	resetFlags()
+	peerAddresses = []string{"peer0", "peer1"}
+	tlsRootCertFiles = []string{"cert0", "cert1"}
+	err := validatePeerConnectionParameters("query")
+	assert.Error(err)
+	assert.Contains(err.Error(), "command can only be executed against one peer")
+
+	// success - peer provided and no TLS root certs
+	// TLS disabled
+	resetFlags()
+	peerAddresses = []string{"peer0"}
+	err = validatePeerConnectionParameters("query")
+	assert.NoError(err)
+	assert.Nil(tlsRootCertFiles)
+
+	// success - more TLS root certs than peers
+	// TLS disabled
+	resetFlags()
+	peerAddresses = []string{"peer0"}
+	tlsRootCertFiles = []string{"cert0", "cert1"}
+	err = validatePeerConnectionParameters("invoke")
+	assert.NoError(err)
+	assert.Nil(tlsRootCertFiles)
+
+	// success - multiple peers and no TLS root certs - invoke
+	// TLS disabled
+	resetFlags()
+	peerAddresses = []string{"peer0", "peer1"}
+	err = validatePeerConnectionParameters("invoke")
+	assert.NoError(err)
+	assert.Nil(tlsRootCertFiles)
+
+	// TLS enabled
+	viper.Set("peer.tls.enabled", true)
+
+	// failure - uneven number of peers and TLS root certs - invoke
+	// TLS enabled
+	resetFlags()
+	peerAddresses = []string{"peer0", "peer1"}
+	tlsRootCertFiles = []string{"cert0"}
+	err = validatePeerConnectionParameters("invoke")
+	assert.Error(err)
+	assert.Contains(err.Error(), fmt.Sprintf("number of peer addresses (%d) does not match the number of TLS root cert files (%d)", len(peerAddresses), len(tlsRootCertFiles)))
+
+	// success - more than one peer and TLS root certs - invoke
+	// TLS enabled
+	resetFlags()
+	peerAddresses = []string{"peer0", "peer1"}
+	tlsRootCertFiles = []string{"cert0", "cert1"}
+	err = validatePeerConnectionParameters("invoke")
+	assert.NoError(err)
+
+	// cleanup pflags and viper
+	resetFlags()
+	viper.Reset()
+}
+
+func TestInitCmdFactoryFailures(t *testing.T) {
+	assert := assert.New(t)
+
+	// failure validating peer connection parameters
+	resetFlags()
+	peerAddresses = []string{"peer0", "peer1"}
+	tlsRootCertFiles = []string{"cert0", "cert1"}
+	cf, err := InitCmdFactory("query", true, false)
+	assert.Error(err)
+	assert.Contains(err.Error(), "error validating peer connection parameters: 'query' command can only be executed against one peer")
+	assert.Nil(cf)
+
+	// failure - no peers supplied and endorser client is needed
+	resetFlags()
+	peerAddresses = []string{}
+	cf, err = InitCmdFactory("query", true, false)
+	assert.Error(err)
+	assert.Contains(err.Error(), "no endorser clients retrieved")
+	assert.Nil(cf)
+
+	// failure - orderer client is needed, ordering endpoint is empty and no
+	// endorser client supplied
+	resetFlags()
+	peerAddresses = nil
+	cf, err = InitCmdFactory("invoke", false, true)
+	assert.Error(err)
+	assert.Contains(err.Error(), "no ordering endpoint or endorser client supplied")
+	assert.Nil(cf)
+
+	// cleanup
+	resetFlags()
+}