Porting changes from V1.0.6 to master

.github/workflows/integration-tests.yaml

@@ -61,7 +61,7 @@ jobs:
 
       - name: Set up ginkgo
         run: |
-          go install github.com/onsi/ginkgo/ginkgo
+          go install github.com/onsi/ginkgo/v2/ginkgo@v2.1.4
 
       - name: Set up KIND k8s cluster
         run: |

.github/workflows/release.yaml

@@ -2,12 +2,12 @@ name: Release Operator
 
 on:
   pull_request:
-    branches: [ release-1.0 ]
+    branches: [v1.*]
   push:
-    tags: [ v1.* ]
+    tags: [v1.*]
 
 env:
-  GO_VER: 1.18.4
+  GO_VER: 1.18
   GO_TAGS: ""
   REGISTRY: ghcr.io
   IMAGE_NAME: ${{ github.repository }}
@@ -39,6 +39,11 @@ jobs:
       - name: Checkout
         uses: actions/checkout@v3
 
+      - name: setup
+        run: |
+          scripts/install-tools.sh
+          make setup
+
       - name: Login to the GitHub Container Registry
         uses: docker/login-action@v2
         with:

Dockerfile

@@ -3,15 +3,9 @@ ARG GO_VER
 ########## Build operator binary ##########
 FROM registry.access.redhat.com/ubi8/go-toolset:$GO_VER as builder
 
-COPY . /go/src/github.com/hyperledger-labs/fabric-operator
-WORKDIR /go/src/github.com/hyperledger-labs/fabric-operator
-
-# RUN GOOS=linux GOARCH=$(go env GOARCH) CGO_ENABLED=1 go build
-RUN go build \
-    -tags "pkcs11" \
-    -gcflags all=-trimpath=${GOPATH} \
-    -asmflags all=-trimpath=${GOPATH} \
-    -o /tmp/build/_output/bin/ibp-operator
+COPY . /go/src/github.com/IBM-Blockchain/fabric-operator
+WORKDIR /go/src/github.com/IBM-Blockchain/fabric-operator
+RUN GOOS=linux GOARCH=${ARCH} CGO_ENABLED=1 go build -mod=vendor -tags "pkcs11" -gcflags all=-trimpath=${GOPATH} -asmflags all=-trimpath=${GOPATH} -o /tmp/build/_output/bin/ibp-operator
 
 ########## Final Image ##########
 FROM registry.access.redhat.com/ubi8/ubi-minimal

Makefile

@@ -18,6 +18,8 @@
 
 IMAGE ?= hyperledger-labs/fabric-operator
 ARCH ?= $(shell go env GOARCH)
+OSS_GO_VER ?= 1.18
+BUILD_DATE = $(shell date -u +"%Y-%m-%dT%H:%M:%SZ")
 OS = $(shell go env GOOS)
 SEMREV_LABEL ?= v1.0.0-$(shell git rev-parse --short HEAD)
 BUILD_DATE = $(shell date -u +"%Y-%m-%dT%H:%M:%SZ")

api/v1beta1/ibporderer.go

@@ -22,6 +22,7 @@ import (
 	config "github.com/IBM-Blockchain/fabric-operator/pkg/initializer/orderer/config/v1"
 	v2config "github.com/IBM-Blockchain/fabric-operator/pkg/initializer/orderer/config/v2"
 	v24config "github.com/IBM-Blockchain/fabric-operator/pkg/initializer/orderer/config/v24"
+	v25config "github.com/IBM-Blockchain/fabric-operator/pkg/initializer/orderer/config/v25"
 	"github.com/IBM-Blockchain/fabric-operator/pkg/util/image"
 	"github.com/IBM-Blockchain/fabric-operator/version"
 	corev1 "k8s.io/api/core/v1"
@@ -88,7 +89,17 @@ func (o *IBPOrderer) GetConfigOverride() (interface{}, error) {
 	switch version.GetMajorReleaseVersion(o.Spec.FabricVersion) {
 	case version.V2:
 		currentVer := version.String(o.Spec.FabricVersion)
-		if currentVer.EqualWithoutTag(version.V2_4_1) || currentVer.GreaterThan(version.V2_4_1) {
+		if currentVer.EqualWithoutTag(version.V2_5_1) || currentVer.GreaterThan(version.V2_5_1) {
+			if o.Spec.ConfigOverride == nil {
+				return &v25config.Orderer{}, nil
+			}
+
+			configOverride, err := v25config.ReadFrom(&o.Spec.ConfigOverride.Raw)
+			if err != nil {
+				return nil, err
+			}
+			return configOverride, nil
+		} else if currentVer.EqualWithoutTag(version.V2_4_1) || currentVer.GreaterThan(version.V2_4_1) {
 			if o.Spec.ConfigOverride == nil {
 				return &v24config.Orderer{}, nil
 			}

api/v1beta1/ibppeer.go

@@ -23,6 +23,7 @@ import (
 
 	config "github.com/IBM-Blockchain/fabric-operator/pkg/initializer/peer/config/v1"
 	v2config "github.com/IBM-Blockchain/fabric-operator/pkg/initializer/peer/config/v2"
+	v25config "github.com/IBM-Blockchain/fabric-operator/pkg/initializer/peer/config/v25"
 	"github.com/IBM-Blockchain/fabric-operator/pkg/util/image"
 	"github.com/IBM-Blockchain/fabric-operator/version"
 	corev1 "k8s.io/api/core/v1"
@@ -99,15 +100,33 @@ func (p *IBPPeer) UsingCCLauncherImage() bool {
 func (p *IBPPeer) EnrollerImage() string {
 	return image.Format(p.Spec.Images.EnrollerImage, p.Spec.Images.EnrollerTag)
 }
+func IsV25Peer(fabricVersion string) bool {
+	currentVer := version.String(fabricVersion)
+	if currentVer.EqualWithoutTag(version.V2_5_1) || currentVer.GreaterThan(version.V2_5_1) {
+		return true
+	}
+	return false
+}
 
 func (s *IBPPeer) GetConfigOverride() (interface{}, error) {
 	switch version.GetMajorReleaseVersion(s.Spec.FabricVersion) {
 	case version.V2:
+		isv25Peer := IsV25Peer(s.Spec.FabricVersion)
 		if s.Spec.ConfigOverride == nil {
-			return &v2config.Core{}, nil
+			if isv25Peer {
+				return &v25config.Core{}, nil
+			} else {
+				return &v2config.Core{}, nil
+			}
 		}
 
-		configOverride, err := v2config.ReadFrom(&s.Spec.ConfigOverride.Raw)
+		var configOverride interface{}
+		var err error
+		if isv25Peer {
+			configOverride, err = v25config.ReadFrom(&s.Spec.ConfigOverride.Raw)
+		} else {
+			configOverride, err = v2config.ReadFrom(&s.Spec.ConfigOverride.Raw)
+		}
 		if err != nil {
 			return nil, err
 		}

config/ingress/kind/kustomization.yaml

@@ -22,4 +22,4 @@ resources:
   - https://github.com/kubernetes/ingress-nginx.git/deploy/static/provider/kind?ref=controller-v1.1.2
 
 patchesStrategicMerge:
-  - ingress-nginx-controller.yaml
+  - ingress-nginx-controller.yaml

controllers/common/common.go

@@ -39,9 +39,9 @@ type Client interface {
 	List(ctx context.Context, list client.ObjectList, opts ...client.ListOption) error
 }
 
-// 1. Only one existing instance (of the same type as 'instance') should have
-//    the name 'instance.GetName()'; if more than one is present, return error
-// 2. If any instance of a different type share the same name, return error
+//  1. Only one existing instance (of the same type as 'instance') should have
+//     the name 'instance.GetName()'; if more than one is present, return error
+//  2. If any instance of a different type share the same name, return error
 func ValidateCRName(k8sclient Client, name, namespace, kind string) error {
 	listOptions := &client.ListOptions{
 		Namespace: namespace,

controllers/ibporderer/ibporderer_controller.go

@@ -746,25 +746,43 @@ func (r *ReconcileIBPOrderer) UpdateFunc(e event.UpdateEvent) bool {
 		oldVer := version.String(oldOrderer.Spec.FabricVersion)
 		newVer := version.String(newOrderer.Spec.FabricVersion)
 
-		// check if this V1 -> V2.2.x/V2.4.x orderer migration
+		// check if this V1 -> V2.2.x/V2.4.x/v2.5.x orderer migration
 		if (oldOrderer.Spec.FabricVersion == "" ||
 			version.GetMajorReleaseVersion(oldOrderer.Spec.FabricVersion) == version.V1) &&
 			version.GetMajorReleaseVersion(newOrderer.Spec.FabricVersion) == version.V2 {
 			update.migrateToV2 = true
-			if newVer.EqualWithoutTag(version.V2_4_1) || newVer.GreaterThan(version.V2_4_1) {
+			if newVer.EqualWithoutTag(version.V2_5_1) || newVer.GreaterThan(version.V2_5_1) {
+				update.migrateToV25 = true
+				// Re-enrolling tls cert to include admin hostname in SAN (for orderers >=2.5.1)
+				update.tlscertReenrollNeeded = true
+			} else if newVer.EqualWithoutTag(version.V2_4_1) || newVer.GreaterThan(version.V2_4_1) {
+				update.migrateToV24 = true
+				// Re-enrolling tls cert to include admin hostname in SAN (for orderers >=2.4.1)
+				update.tlscertReenrollNeeded = true
+			}
+		}
+
+		// check if this V2.2.x -> V2.4.x/2.5.x orderer migration
+		if (version.GetMajorReleaseVersion(oldOrderer.Spec.FabricVersion) == version.V2) &&
+			oldVer.LessThan(version.V2_4_1) {
+			if newVer.EqualWithoutTag(version.V2_5_1) || newVer.GreaterThan(version.V2_5_1) {
+				update.migrateToV25 = true
+				// Re-enrolling tls cert to include admin hostname in SAN (for orderers >=2.4.1)
+				update.tlscertReenrollNeeded = true
+			} else if newVer.EqualWithoutTag(version.V2_4_1) || newVer.GreaterThan(version.V2_4_1) {
 				update.migrateToV24 = true
 				// Re-enrolling tls cert to include admin hostname in SAN (for orderers >=2.4.1)
 				update.tlscertReenrollNeeded = true
 			}
 		}
 
-		// check if this V2.2.x -> V2.4.x orderer migration
+		// check if this V2.4.x -> V2.5.x orderer migration
 		if (version.GetMajorReleaseVersion(oldOrderer.Spec.FabricVersion) == version.V2) &&
-			oldVer.LessThan(version.V2_4_1) &&
-			(newVer.EqualWithoutTag(version.V2_4_1) || newVer.GreaterThan(version.V2_4_1)) {
-			update.migrateToV24 = true
-			// Re-enrolling tls cert to include admin hostname in SAN (for orderers >=2.4.1)
-			update.tlscertReenrollNeeded = true
+			oldVer.LessThan(version.V2_5_1) &&
+			(newVer.EqualWithoutTag(version.V2_5_1) || newVer.GreaterThan(version.V2_5_1)) {
+			update.migrateToV25 = true
+			//Orderers >=2.4.1 alredy has the tls-cert renewed, we do not do this in this upgrade
+			//update.tlscertReenrollNeeded = true
 		}
 
 		if oldOrderer.Spec.NodeOUDisabled() != newOrderer.Spec.NodeOUDisabled() {

controllers/ibporderer/predicate.go

@@ -46,6 +46,7 @@ type Update struct {
 	ecertCreated          bool
 	migrateToV2           bool
 	migrateToV24          bool
+	migrateToV25          bool
 	nodeOUUpdated         bool
 	imagesUpdated         bool
 	fabricVersionUpdated  bool
@@ -69,6 +70,7 @@ func (u *Update) Detected() bool {
 		u.ecertEnroll ||
 		u.migrateToV2 ||
 		u.migrateToV24 ||
+		u.migrateToV25 ||
 		u.nodeOUUpdated ||
 		u.imagesUpdated ||
 		u.fabricVersionUpdated
@@ -186,6 +188,10 @@ func (u *Update) MigrateToV24() bool {
 	return u.migrateToV24
 }
 
+func (u *Update) MigrateToV25() bool {
+	return u.migrateToV25
+}
+
 func (u *Update) NodeOUUpdated() bool {
 	return u.nodeOUUpdated
 }
@@ -251,6 +257,9 @@ func (u *Update) GetUpdateStackWithTrues() string {
 	if u.migrateToV24 {
 		stack += "migrateToV24 "
 	}
+	if u.migrateToV25 {
+		stack += "migrateToV25 "
+	}
 	if u.nodeOUUpdated {
 		stack += "nodeOUUpdated "
 	}

controllers/ibppeer/ibppeer_controller.go

@@ -48,7 +48,6 @@ import (
 	appsv1 "k8s.io/api/apps/v1"
 	corev1 "k8s.io/api/core/v1"
 	k8serrors "k8s.io/apimachinery/pkg/api/errors"
-	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/labels"
 	"k8s.io/apimachinery/pkg/runtime"
@@ -671,16 +670,29 @@ func (r *ReconcileIBPPeer) UpdateFunc(e event.UpdateEvent) bool {
 			version.GetMajorReleaseVersion(oldPeer.Spec.FabricVersion) == version.V1) &&
 			version.GetMajorReleaseVersion(newPeer.Spec.FabricVersion) == version.V2 {
 			update.migrateToV2 = true
-			if newVer.EqualWithoutTag(version.V2_4_1) || newVer.GreaterThan(version.V2_4_1) {
+			if newVer.EqualWithoutTag(version.V2_5_1) || newVer.GreaterThan(version.V2_5_1) {
+				update.migrateToV24 = true
+				update.migrateToV25 = true
+			} else if newVer.EqualWithoutTag(version.V2_4_1) || newVer.GreaterThan(version.V2_4_1) {
 				update.migrateToV24 = true
 			}
 		}
 
-		// check if this V2.2.x -> V2.4.x peer migration
+		// check if this V2.2.x -> V2.4.x/V2.5.x peer migration
 		if (version.GetMajorReleaseVersion(oldPeer.Spec.FabricVersion) == version.V2) &&
-			oldVer.LessThan(version.V2_4_1) &&
-			(newVer.EqualWithoutTag(version.V2_4_1) || newVer.GreaterThan(version.V2_4_1)) {
+			oldVer.LessThan(version.V2_4_1) {
 			update.migrateToV24 = true
+			if newVer.EqualWithoutTag(version.V2_5_1) || newVer.GreaterThan(version.V2_5_1) {
+				update.migrateToV25 = true
+			}
+		}
+
+		// check if this V2.4.x -> V2.5.x peer migration
+		if (version.GetMajorReleaseVersion(oldPeer.Spec.FabricVersion) == version.V2) &&
+			oldVer.LessThan(version.V2_5_1) {
+			if newVer.EqualWithoutTag(version.V2_5_1) || newVer.GreaterThan(version.V2_5_1) {
+				update.migrateToV25 = true
+			}
 		}
 
 		if newPeer.Spec.Action.UpgradeDBs == true {
@@ -775,7 +787,7 @@ func (r *ReconcileIBPPeer) DeleteFunc(e event.DeleteEvent) bool {
 		// without proper controller references set and was not cleaned up on peer resource deletion.
 		log.Info(fmt.Sprintf("Deleting %s-init-config config map, if found", peer.GetName()))
 		if err := r.client.Delete(context.TODO(), &corev1.ConfigMap{
-			ObjectMeta: metav1.ObjectMeta{
+			ObjectMeta: v1.ObjectMeta{
 				Name:      fmt.Sprintf("%s-init-config", peer.GetName()),
 				Namespace: peer.GetNamespace(),
 			},

controllers/ibppeer/predicate.go

@@ -39,6 +39,7 @@ type Update struct {
 	tlscertNewKeyReenroll bool
 	migrateToV2           bool
 	migrateToV24          bool
+	migrateToV25          bool
 	mspUpdated            bool
 	ecertEnroll           bool
 	tlscertEnroll         bool
@@ -116,6 +117,10 @@ func (u *Update) MigrateToV24() bool {
 	return u.migrateToV24
 }
 
+func (u *Update) MigrateToV25() bool {
+	return u.migrateToV25
+}
+
 func (u *Update) UpgradeDBs() bool {
 	return u.upgradedbs
 }
@@ -195,6 +200,7 @@ func (u *Update) Needed() bool {
 		u.tlscertNewKeyReenroll ||
 		u.migrateToV2 ||
 		u.migrateToV24 ||
+		u.migrateToV25 ||
 		u.mspUpdated ||
 		u.ecertEnroll ||
 		u.upgradedbs ||
@@ -239,6 +245,9 @@ func (u *Update) GetUpdateStackWithTrues() string {
 	if u.migrateToV24 {
 		stack += "migrateToV24 "
 	}
+	if u.migrateToV25 {
+		stack += "migrateToV25 "
+	}
 	if u.mspUpdated {
 		stack += "mspUpdated "
 	}

defaultconfig/orderer/orderer.yaml

@@ -56,7 +56,8 @@ General:
         # ServerMinInterval is the minimum permitted time between client pings.
         # If clients send pings more frequently, the server will
         # disconnect them.
-        ServerMinInterval: 60s
+        ## Changing defaults to 25s to fix connection issues with VPC clusters
+        ServerMinInterval: 25s
         # ServerInterval is the time between pings to clients.
         ServerInterval: 7200s
         # ServerTimeout is the duration the server waits for a response from

defaultconfig/orderer/v2/orderer.yaml

@@ -46,7 +46,8 @@ General:
         # ServerMinInterval is the minimum permitted time between client pings.
         # If clients send pings more frequently, the server will
         # disconnect them.
-        ServerMinInterval: 60s
+        ## Changing defaults to 25s to fix connection issues with VPC clusters
+        ServerMinInterval: 25s
         # ServerInterval is the time between pings to clients.
         ServerInterval: 7200s
         # ServerTimeout is the duration the server waits for a response from

defaultconfig/orderer/v24/orderer.yaml

@@ -46,12 +46,21 @@ General:
         # ServerMinInterval is the minimum permitted time between client pings.
         # If clients send pings more frequently, the server will
         # disconnect them.
-        ServerMinInterval: 60s
+        ## Changing defaults to 25s to fix connection issues with VPC clusters
+        ServerMinInterval: 25s
         # ServerInterval is the time between pings to clients.
         ServerInterval: 7200s
         # ServerTimeout is the duration the server waits for a response from
         # a client before closing the connection.
         ServerTimeout: 20s
+
+    # Since all nodes should be consistent it is recommended to keep
+    # the default value of 100MB for MaxRecvMsgSize & MaxSendMsgSize
+    # Max message size in bytes the GRPC server and client can receive
+    MaxRecvMsgSize: 104857600
+    # Max message size in bytes the GRPC server and client can send
+    MaxSendMsgSize: 104857600
+
     # Cluster settings for ordering service nodes that communicate with other ordering service nodes
     # such as Raft based ordering service.
     Cluster: