-
Notifications
You must be signed in to change notification settings - Fork 18
/
1-operator-demo.sh
executable file
·84 lines (67 loc) · 2.49 KB
/
1-operator-demo.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
#!/bin/bash
# Copyright (c) Microsoft Corporation.
# Licensed under the MIT License.
### Script to setup and configure a SCITT CCF instance with custom parameters
set -e
# Variables
: "${MEMBER_CERT_PATH:?"variable not set. Please define the path to the CCF member certificate PEM file"}"
: "${MEMBER_KEY_PATH:?"variable not set. Please define the path to the CCF member key PEM file"}"
: "${SCITT_CONFIG_PATH:?"variable not set. Please define the path to SCITT configuration JSON file"}"
X509_ROOT_PATH=${X509_ROOT_PATH:-""}
DID_WEB_ROOT_PATH=${DID_WEB_ROOT_PATH:-""}
SCITT_URL=${SCITT_URL:-"https://127.0.0.1:8000"}
echo -e "\nSetting up environment"
if [ ! -f "venv/bin/activate" ]; then
python3.8 -m venv "venv"
fi
# Activate environment and install pyscitt local library
source venv/bin/activate
pip install --disable-pip-version-check -q -e ./pyscitt
echo -e "\nActivating member"
# Send Proposal to activate member
scitt governance activate_member \
--url "$SCITT_URL" \
--member-key "$MEMBER_KEY_PATH" \
--member-cert "$MEMBER_CERT_PATH" \
--development
echo -e "\nConfiguring CCF instance"
# Send proposal to set CA certs
if [ -n "$DID_WEB_ROOT_PATH" ]; then
scitt governance propose_ca_certs \
--name did_web_tls_roots \
--ca-certs "$DID_WEB_ROOT_PATH" \
--url "$SCITT_URL" \
--member-key "$MEMBER_KEY_PATH" \
--member-cert "$MEMBER_CERT_PATH" \
--development
fi
if [ -n "$X509_ROOT_PATH" ]; then
scitt governance propose_ca_certs \
--name x509_roots \
--ca-certs "$X509_ROOT_PATH" \
--url "$SCITT_URL" \
--member-key "$MEMBER_KEY_PATH" \
--member-cert "$MEMBER_CERT_PATH" \
--development
fi
# Send proposal to set SCITT configuration
scitt governance propose_configuration \
--configuration "$SCITT_CONFIG_PATH" \
--url "$SCITT_URL" \
--member-key "$MEMBER_KEY_PATH" \
--member-cert "$MEMBER_CERT_PATH" \
--development
echo -e "\nOpening the network"
# Get current service certificate
SERVICE_CERT_PATH="service_cert.pem"
curl -k "$SCITT_URL"/node/network | jq -r .service_certificate | head -n -1 > "$SERVICE_CERT_PATH"
# Send the proposal to open the network
scitt governance propose_open_service \
--url "$SCITT_URL" \
--member-key "$MEMBER_KEY_PATH" \
--member-cert "$MEMBER_CERT_PATH" \
--next-service-certificate "$SERVICE_CERT_PATH" \
--development
# Remove the service certificate file
rm "$SERVICE_CERT_PATH"
echo -e "\nScript completed successfully"