From a28641ae47bd686af76d85ac22bcc84548211c59 Mon Sep 17 00:00:00 2001 From: Michal Bajer Date: Mon, 11 Sep 2023 09:32:55 +0000 Subject: [PATCH] fix(indy-validator): fix package dependencies - Update indy validator python dependencies. - Add README chapter on updating python dependencies to simplify this process in the future. - Use pinend ubuntu base image in indy-sdk-cli dockerfile. - Do some minor README improvements and cleanups. - Use pinned fabric-all-in-one versions in discounted-asset-trade. Tested with `discounted-asset-trade` (should work without an issue now, at least dockerless one) Depends on: #2596 Signed-off-by: Michal Bajer --- .../README.md | 3 +- .../script-start-ledgers.sh | 6 +- .../transaction-indy.ts | 2 +- .../cactus_validator_socketio_indy/README.md | 131 +++++++++++------- .../cactus_validator_socketio_indy/setup.py | 41 +++--- .../validator-python/.gitignore | 2 + .../validator-python/requirements.txt | 36 ++--- .../fabric-all-in-one/docker-compose-v2.x.yml | 6 +- tools/docker/indy-sdk-cli/Dockerfile | 15 +- tools/docker/indy-sdk-cli/README.md | 3 + 10 files changed, 142 insertions(+), 103 deletions(-) diff --git a/examples/cactus-example-discounted-asset-trade/README.md b/examples/cactus-example-discounted-asset-trade/README.md index 0004550c64..10dd5033db 100644 --- a/examples/cactus-example-discounted-asset-trade/README.md +++ b/examples/cactus-example-discounted-asset-trade/README.md @@ -139,7 +139,8 @@ For development purposes, it might be useful to run the sample application outsi - [Build the SDK from source](https://github.com/hyperledger/indy-sdk#how-to-build-indy-sdk-from-source) - Or use these steps for Ubuntu 20.04: ```bash - sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys CE7709D068DB5E88 \ + sudo apt-get install ca-certificates -y \ + && sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys CE7709D068DB5E88 \ && sudo add-apt-repository "deb https://repo.sovrin.org/sdk/deb bionic stable" \ && sudo apt-get update \ && sudo apt-get install -y \ diff --git a/examples/cactus-example-discounted-asset-trade/script-start-ledgers.sh b/examples/cactus-example-discounted-asset-trade/script-start-ledgers.sh index 80583b7f3c..444f194b2e 100755 --- a/examples/cactus-example-discounted-asset-trade/script-start-ledgers.sh +++ b/examples/cactus-example-discounted-asset-trade/script-start-ledgers.sh @@ -10,7 +10,11 @@ CONFIG_VOLUME_PATH="./etc/cactus" # Docker volume with shared configuration # Fabric Env Variables export CACTUS_FABRIC_ALL_IN_ONE_CONTAINER_NAME="asset_trade_faio2x_testnet" -export CACTUS_FABRIC_ALL_IN_ONE_VERSION="2.2.0" +export CACTUS_FABRIC_ALL_IN_ONE_VERSION="2.4.4" +export CACTUS_FABRIC_ALL_IN_ONE_NODEENV_VERSION="2.4.2" +export CACTUS_FABRIC_ALL_IN_ONE_CA_VERSION="1.5.3" +export CACTUS_FABRIC_ALL_IN_ONE_COUCH_VERSION_FABRIC="0.4" +export CACTUS_FABRIC_ALL_IN_ONE_COUCH_VERSION="3.2.2" export CACTUS_FABRIC_TEST_LOOSE_MEMBERSHIP=1 # Cert options diff --git a/examples/cactus-example-discounted-asset-trade/transaction-indy.ts b/examples/cactus-example-discounted-asset-trade/transaction-indy.ts index 46df287422..ae82d22178 100644 --- a/examples/cactus-example-discounted-asset-trade/transaction-indy.ts +++ b/examples/cactus-example-discounted-asset-trade/transaction-indy.ts @@ -38,7 +38,7 @@ export function getDataFromIndy( try { logger.debug(`getDataFromIndy: arg_request: ${arg_request}`); sendRequest(arg_request, identifier).then((result) => { - logger.debug(`##getDataFromIndy: result: ${result}`); + logger.debug(`##getDataFromIndy: result: ${JSON.stringify(result)}`); return resolve(result); }); diff --git a/packages-python/cactus_validator_socketio_indy/README.md b/packages-python/cactus_validator_socketio_indy/README.md index 12c435d642..891ccc65fa 100644 --- a/packages-python/cactus_validator_socketio_indy/README.md +++ b/packages-python/cactus_validator_socketio_indy/README.md @@ -1,73 +1,106 @@ # Indy Validator + - Cactus socketio validator to integrate with Hyperledger Indy ## Build + - By default, it assumes that indy pool is available at `172.16.0.2` - You can modify this behavior by editing `Dockerfile` or by setting arg `pool_ip` + ``` ./setup_indy.sh ``` +## Updating the dependencies + +- When updating depedency in `requirements.txt` make sure that it's dependencies are updated as well. +- Make sure you update the package version in `setup.py` as well. +- After each update build and run container to ensure it still works. +- Follow this process when updating the package: + +```bash + # Go to package dir + cd packages-python/cactus_validator_socketio_indy/validator-python + + # Setup venv and install core dependencies + python3 -m venv .venv + source .venv/bin/activate + pip install --upgrade setuptools wheel + pip install Flask==2.3.2 Flask-SocketIO==5.1.1 PyJWT==2.4.0 PyYAML==5.4.1 python3-indy==1.16.0 eventlet==0.31.1 cryptography==41.0.3 + + # Freeze current package listing + pip freeze > requirements.txt + + # Copy the contents of requirements.txt to setup.py install_requires list (adjust formatting accordingly). +``` + ## Test + - Use `testcli/testsock.js` to check basic communication pattern with the validator. ### How-To + 1. Start indy testnet pool (follow instructions from `../../tools/docker/indy-testnet/` README). It should create docker network `indy-testnet_indy_net`, pool should be available at `172.16.0.2`. 1. Generate proof and store it in local `/etc/cactus`: - ``` - rm -r /etc/cactus/validator_socketio_indy/* - cd ../../examples/register-indy-data/ - ./script-build-docker.sh - docker run --rm -ti -v/etc/cactus/:/etc/cactus/ --net="host" register-indy-data --proof_only - ``` + ``` + rm -r /etc/cactus/validator_socketio_indy/* + cd ../../examples/register-indy-data/ + ./script-build-docker.sh + docker run --rm -ti -v/etc/cactus/:/etc/cactus/ --net="host" register-indy-data --proof_only + ``` 1. Copy indy validator config - ``` - cp -rf ./config/* /etc/cactus/validator_socketio_indy/ - ``` + ``` + cp -rf ./config/* /etc/cactus/validator_socketio_indy/ + ``` 1. Generate validator certificate using OpenSSL tool - ``` - mkdir -p "/etc/cactus/validator_socketio_indy/CA/" - openssl ecparam -genkey -name "prime256v1" -out "/etc/cactus/validator_socketio_indy/CA/connector.priv" - openssl req -new -sha256 -key "/etc/cactus/validator_socketio_indy/CA/connector.priv" \ - -out "/etc/cactus/validator_socketio_indy/CA/connector.csr" \ - -subj "/C=JP/ST=Tokyo/L=Minato-Ku/O=CactusSamples/CN=IndyValidator" - openssl req -x509 -sha256 -days 365 -key "/etc/cactus/validator_socketio_indy/CA/connector.priv" \ - -in "/etc/cactus/validator_socketio_indy/CA/connector.csr" \ - -out "/etc/cactus/validator_socketio_indy/CA/connector.crt" - ``` + ``` + mkdir -p "/etc/cactus/validator_socketio_indy/CA/" + openssl ecparam -genkey -name "prime256v1" -out "/etc/cactus/validator_socketio_indy/CA/connector.priv" + openssl req -new -sha256 -key "/etc/cactus/validator_socketio_indy/CA/connector.priv" \ + -out "/etc/cactus/validator_socketio_indy/CA/connector.csr" \ + -subj "/C=JP/ST=Tokyo/L=Minato-Ku/O=CactusSamples/CN=IndyValidator" + openssl req -x509 -sha256 -days 365 -key "/etc/cactus/validator_socketio_indy/CA/connector.priv" \ + -in "/etc/cactus/validator_socketio_indy/CA/connector.csr" \ + -out "/etc/cactus/validator_socketio_indy/CA/connector.crt" + ``` 1. Build and run validator container: - ``` - docker build . -t indy-validator - docker run -v/etc/cactus/:/etc/cactus --rm --net="indy-testnet_indy_net" -p 10080:8000 indy-validator - ``` + ``` + docker build . -t indy-validator + + docker run -v/etc/cactus/:/etc/cactus --rm --net="indy-testnet_indy_net" -p 10080:8000 indy-validator + ``` + 1. Open separate console, install dependencies and run the testing script: - ``` - cd testcli/ - ln -s /etc/cactus/validator_socketio_indy/CA/connector.crt . - npm install - node testsock.js - ``` - - Output should look like this: - ``` - connect - AVE5voPzdLLEcm5kAAAD - websocket - call nop! - call request2. get schema request. - #[recv]response, res: [object Object] - call verify() - ##signsignature: .... - Authentication OK - ##decoded: { - result: [ - 'Apyv5EV88KoZRqtXMmaeXV:2:Job-Certificate:0.2', - '{"ver":"1.0","id":"Apyv5EV88KoZRqtXMmaeXV:2:Job-Certificate:0.2","name":"Job-Certificate","version":"0.2","attrNames":["experience","last_name","salary","first_name","employee_status"],"seqNo":19}' - ] - } - OK - Done. - ``` + + ``` + cd testcli/ + ln -s /etc/cactus/validator_socketio_indy/CA/connector.crt . + npm install + node testsock.js + ``` + + Output should look like this: + + ``` + connect + AVE5voPzdLLEcm5kAAAD + websocket + call nop! + call request2. get schema request. + #[recv]response, res: [object Object] + call verify() + ##signsignature: .... + Authentication OK + ##decoded: { + result: [ + 'Apyv5EV88KoZRqtXMmaeXV:2:Job-Certificate:0.2', + '{"ver":"1.0","id":"Apyv5EV88KoZRqtXMmaeXV:2:Job-Certificate:0.2","name":"Job-Certificate","version":"0.2","attrNames":["experience","last_name","salary","first_name","employee_status"],"seqNo":19}' + ] + } + OK - Done. + ``` ## Manual Test + - Validator used by `cactus-example-discounted-asset-trade` sample app. diff --git a/packages-python/cactus_validator_socketio_indy/setup.py b/packages-python/cactus_validator_socketio_indy/setup.py index 1df62d703e..fd9c7434ee 100644 --- a/packages-python/cactus_validator_socketio_indy/setup.py +++ b/packages-python/cactus_validator_socketio_indy/setup.py @@ -7,7 +7,7 @@ with codecs.open(os.path.join(here, 'README.md'), encoding="utf-8") as fh: LONG_DESCRIPTION = f'/n{fh.read()}' - + VERSION = '0.0.1' DESCRIPTION = 'Python Cactus Validator Indy' @@ -60,41 +60,34 @@ include_package_data=True, url='https://github.com/hyperledger/cactus/tree/main/packages-python/cactus_validator_socketio_indy', install_requires=[ - 'testresources==2.0.1', - 'base58==2.1.0', - 'bidict==0.21.4', - 'certifi==2023.7.22', - 'cffi==1.14.6', - 'charset-normalizer==2.0.3', - 'click==8.0.1', + 'base58==2.1.1', + 'bidict==0.22.1', + 'blinker==1.6.2', + ' cffi==1.15.1', + 'click==8.1.6', 'cryptography==41.0.3', 'dnspython==1.16.0', 'eventlet==0.31.1', 'Flask==2.3.2', 'Flask-SocketIO==5.1.1', - 'gevent==21.1.2', - 'greenlet==1.1.0', - 'idna==3.2', - 'itsdangerous==2.0.1', - 'Jinja2==3.0.1', - 'MarkupSafe==2.0.1', - 'pycparser==2.20', + 'greenlet==2.0.2', + 'importlib-metadata==6.8.0', + 'itsdangerous==2.1.2', + 'Jinja2==3.1.2', + 'MarkupSafe==2.1.3', + 'pycparser==2.21', 'PyJWT==2.4.0', - 'python-engineio==4.3.0', - 'python-socketio==5.5.0', + 'python-engineio==4.5.1', + 'python-socketio==5.8.0', 'python3-indy==1.16.0', 'PyYAML==5.4.1', - 'requests==2.31.0', 'six==1.16.0', - 'urllib3==1.26.6', - 'websocket==0.2.1', - 'Werkzeug==2.2.3', - 'zope.event==4.5.0', - 'zope.interface==5.4.0' + 'Werkzeug==2.3.6', + 'zipp==3.16.2' ], classifiers=[ 'Development Status :: Initial version', 'Programming Language :: Python :: 3', 'Intended Audience :: Developers' ] -) +) \ No newline at end of file diff --git a/packages-python/cactus_validator_socketio_indy/validator-python/.gitignore b/packages-python/cactus_validator_socketio_indy/validator-python/.gitignore index d9d719b440..812051fcf6 100644 --- a/packages-python/cactus_validator_socketio_indy/validator-python/.gitignore +++ b/packages-python/cactus_validator_socketio_indy/validator-python/.gitignore @@ -1,2 +1,4 @@ __pycache__ *.log +.venv +venv \ No newline at end of file diff --git a/packages-python/cactus_validator_socketio_indy/validator-python/requirements.txt b/packages-python/cactus_validator_socketio_indy/validator-python/requirements.txt index 6f6e58b14c..e14823bdb9 100644 --- a/packages-python/cactus_validator_socketio_indy/validator-python/requirements.txt +++ b/packages-python/cactus_validator_socketio_indy/validator-python/requirements.txt @@ -1,30 +1,24 @@ -base58==2.1.0 -bidict==0.21.4 -certifi==2023.7.22 -cffi==1.14.6 -charset-normalizer==2.0.3 -click==8.0.1 +base58==2.1.1 +bidict==0.22.1 +blinker==1.6.2 +cffi==1.15.1 +click==8.1.6 cryptography==41.0.3 dnspython==1.16.0 eventlet==0.31.1 Flask==2.3.2 Flask-SocketIO==5.1.1 -gevent==21.1.2 -greenlet==1.1.0 -idna==3.2 -itsdangerous==2.0.1 -Jinja2==3.0.1 -MarkupSafe==2.0.1 -pycparser==2.20 +greenlet==2.0.2 +importlib-metadata==6.8.0 +itsdangerous==2.1.2 +Jinja2==3.1.2 +MarkupSafe==2.1.3 +pycparser==2.21 PyJWT==2.4.0 -python-engineio==4.3.0 -python-socketio==5.5.0 +python-engineio==4.5.1 +python-socketio==5.8.0 python3-indy==1.16.0 PyYAML==5.4.1 -requests==2.31.0 six==1.16.0 -urllib3==1.26.6 -websocket==0.2.1 -Werkzeug==2.2.3 -zope.event==4.5.0 -zope.interface==5.4.0 +Werkzeug==2.3.6 +zipp==3.16.2 diff --git a/tools/docker/fabric-all-in-one/docker-compose-v2.x.yml b/tools/docker/fabric-all-in-one/docker-compose-v2.x.yml index 8422d8a77f..d19c4b9e80 100644 --- a/tools/docker/fabric-all-in-one/docker-compose-v2.x.yml +++ b/tools/docker/fabric-all-in-one/docker-compose-v2.x.yml @@ -17,7 +17,11 @@ services: - "8054:8054" # ca_org2 - "9054:9054" # ca_orderer environment: - - FABRIC_VERSION=${CACTUS_FABRIC_ALL_IN_ONE_VERSION:-2.2.0} + - FABRIC_VERSION=${CACTUS_FABRIC_ALL_IN_ONE_VERSION:-2.4.4} + - FABRIC_NODEENV_VERSION=${CACTUS_FABRIC_ALL_IN_ONE_NODEENV_VERSION:-2.4.2} + - CA_VERSION=${CACTUS_FABRIC_ALL_IN_ONE_CA_VERSION:-1.5.3} + - COUCH_VERSION_FABRIC=${CACTUS_FABRIC_ALL_IN_ONE_COUCH_VERSION_FABRIC:-0.4} + - COUCH_VERSION=${CACTUS_FABRIC_ALL_IN_ONE_COUCH_VERSION:-3.2.2} - CACTUS_FABRIC_TEST_LOOSE_MEMBERSHIP=1 networks: - testnet-2x diff --git a/tools/docker/indy-sdk-cli/Dockerfile b/tools/docker/indy-sdk-cli/Dockerfile index 06bd8366c4..1e03203b52 100644 --- a/tools/docker/indy-sdk-cli/Dockerfile +++ b/tools/docker/indy-sdk-cli/Dockerfile @@ -1,10 +1,12 @@ # Indy-SDK CLI Image # Contains node and python environments and indy SDK, can be used as base for indy development. -FROM ubuntu:bionic +FROM ubuntu:bionic-20230530 ENV DEBIAN_FRONTEND 'noninteractive' +WORKDIR /home/setup + RUN apt-get update \ && apt-get install -y \ gnupg \ @@ -13,15 +15,18 @@ RUN apt-get update \ curl \ dirmngr \ apt-transport-https \ - lsb-release ca-certificates \ + lsb-release \ + ca-certificates \ gcc \ g++ \ make \ && rm -rf /var/lib/apt/lists/* -# NodeJS and indy-sdk -RUN curl -sL https://deb.nodesource.com/setup_14.x | bash - \ - && apt-key adv --keyserver keyserver.ubuntu.com --recv-keys CE7709D068DB5E88 \ +# NodeJS +RUN curl -sL https://deb.nodesource.com/setup_16.x | bash - + +# Indy-sdk +RUN apt-key adv --keyserver keyserver.ubuntu.com --recv-keys CE7709D068DB5E88 \ && add-apt-repository "deb https://repo.sovrin.org/sdk/deb bionic stable" \ && apt-get update && apt-get install -y \ nodejs \ diff --git a/tools/docker/indy-sdk-cli/README.md b/tools/docker/indy-sdk-cli/README.md index aee1b2ca56..f7df88eef6 100644 --- a/tools/docker/indy-sdk-cli/README.md +++ b/tools/docker/indy-sdk-cli/README.md @@ -12,3 +12,6 @@ ``` docker build . -t indy-sdk-cli ``` + +## Notes +- In case of `gpg: keyserver receive failed: Cannot assign requested address` error - retry until it succeeds. This is some spurious error with keyserver connection.