The deliver service is currently quite ambiguous about the error
condition when the channel returned by Errored() closes.  This is likely
because this message could be returned by a peer or orderer.  However,
in reality, the only time this condition ever occurs is because of a
consenter error.  In the interest of serviceability, this CR makes the
error message more specific, making a note that we should handle
generalizing it if the peer ever implements this function.

Change-Id: I5c2dfb8fa4ba32c34660b69b5facf90291ee17f3
Signed-off-by: Jason Yellick <jyellick@us.ibm.com>

We need to add simpleCollectionStore interface in the
transactionContext so that we can check whether the creator
has access to the collection or not.

FAB-13038 #done

Change-Id: I5b150bb751bd22451b546b8c1028e54f1f1ca884
Signed-off-by: senthil <cendhu@gmail.com>

This CR introduces a dependency of ledger package on metrics provider
and passes down the metrics provider from peer to ledgermgmt

Change-Id: I0af8c4b685996c0fad610c17249f9307bf523237
Signed-off-by: manish <manish.sethi@gmail.com>

- Register token tx Processor with customtx
- Correct the method name in FabricIdentityDeserializerManager

Change-Id: I3dc1c7aa1eac1b37bf6a7eeaac08484806f7fb69
Signed-off-by: Wenjian Qiao <wenjianq@gmail.com>

Change-Id: I1f52050868f9594e5fc4f624f076cfbbf137c07c
Signed-off-by: Hui Kang <kangh@us.ibm.com>

had to refactor a bit, as membership provider creation was
dependant on collectionStore, which is created per channel,
therefore membership provider was also created per channel.

changed it such that we can create a single membership provider

FAB-11780 - #done

Change-Id: I2c44ebf00d6eea1fc1d713b3168328f95074c6b5
Signed-off-by: nirro <nirro@il.ibm.com>

Previously block processing would log a single statement like this:

<timestamp> Channel [myc]: Committed block [16] with 1 transaction(s)

To receive any more information, operators would have to turn
on debug, which provides an overwhelming amount of information.

A middle ground is needed, where operators receive the most
important block processing information (high level steps and timings)
to help them understand peer health and bottlenecks,
but without the overwhelming amount of debug noise.

This change improves the INFO logging per block as follows:

<timestamp> [myc] Received block [57] from buffer
<timestamp> [myc] Validated block [57] in 5ms
<timestamp> [myc] Committed block [57] with 1 transaction(s) in 24ms
                  (state_validation=7ms block_commit=0ms state_commit=16ms)

This change also:
- improves core.yaml defaults to pick up some important gossip INFO
statements (without adding noise)
- standardizes on the log statement prefix of [channel_name]
- starts to roll the [channel_name] prefix down to debug statements
  (a full sweep can be done in a next release)
- standardizes timings to utilize ms (milliseconds)

Change-Id: I97f3b307a167ce8f445f3cc625bad3b2282b026d
Signed-off-by: David Enyeart <enyeart@us.ibm.com>
Signed-off-by: yacovm <yacovm@il.ibm.com>
Signed-off-by: manish <manish.sethi@gmail.com>

This CR implements interface 'DeployedChaincodeInfoProvider'
based on the current logic of how lscc maintains
chaincode and collection configuration information

FAB-11563 #done

Change-Id: I2ca75040e3c219b353c3140d2f326e9bc74898e6
Signed-off-by: manish <manish.sethi@gmail.com>

This CR
- Introduces an interface 'DeployedChaincodeInfoProvider'
for decoupling the ledger code from chaincode lifecycle code

- Declares ledger's dependency on this interface explicitly.
The intent is that ledger code will use this dependency for
listening to chaincode lifecycle events and for querying
the information about the deployed chaicodes

- Introduces a convenient function in legder that other modules
can use directly to get information about the chaincodes

FAB-11562 #done

Change-Id: I3eb0e798f00ceb18203128fd9da93822fc2bca2b
Signed-off-by: manish <manish.sethi@gmail.com>

This CR reworks the ledger interfaces and implementations
used by the Deliver service to remove the ReadyChan() function,
which has not been used since FAB-7273 was merged. The
chainSupport struct for the peer is also updated to only
include the ledger. The file ledger is now returned when
Reader() is called by the deliver service.

FAB-7382 #done

Change-Id: I6d08f30b9093ec3120cdeee749aa51afe54e2cdc
Signed-off-by: Will Lahti <wtlahti@us.ibm.com>

Many of the assorted 'utils' functions actually reach into the
core/chaincode/platforms package to determine whether packages are
valid.  This historically has all been done in a source-coupled way,
pulling peer details into places it does not belong.  Although these
'util' functions should be refactored and removed, for the time being,
we can at least make the dependency on the platforms package explicit,
but requiring that an instance be passed into these util functions.

This has quite the ripple throughout the code, but the CR itself should
be trivial to review.

Change-Id: I0cc36e2f307474ddba7f6d20028a46f3aa94faf5
Signed-off-by: Jason Yellick <jyellick@us.ibm.com>

This CR cleans up the panic messages when unsupported capabilities
are detected. The messages were seemingly written to include simply
the channel ID instead of the entire ConfigtxValidator() object.
This CR also cleans up a few other error messages and a linter problem.

Change-Id: I337dc6cdecc7c4ab897e414530798e5659bf85e5
Signed-off-by: Will Lahti <wtlahti@us.ibm.com>

This  change set attaches the transient store to endorser
plugins in order to support endorsement plugins that need
access to un-committed private data.

Change-Id: I3eace47ee9fe82c4bdc2e035df6b280d8d58f8c5
Signed-off-by: yacovm <yacovm@il.ibm.com>

This change set attaches pluggable validation to the peer
and makes the default validation be a plugin

Change-Id: I819b9c536869bb7e89bc7ce052f89f2889a3b23a
Signed-off-by: yacovm <yacovm@il.ibm.com>

There is possible data race condition while distributing private data,
since now we have to support dynamic collections, where it's possible
that collection config might be updated right after the endorsement,
therefore in distributor while looking up for collection config from
collection store we might get updated config which might be not lober
relevant for the private data in context.

This commit refactors the distribution flow my actually making use of
the collection config which is available at the endorsement time,
which also allows to optimize, since reduces the need to execute
queries with collection store. Additional since using collection config
which was available during endorsement allows to elliminate the race
condition. Addresses comments of code-review: CR-21491.

Change-Id: I0d3c682a613bf3ae5b46e32230fadf6b12895fdf
Signed-off-by: Artem Barger <bartem@il.ibm.com>

Dependencies on ChaincodeProvider are now explicit and are satisfied as
function arguments or object dependencies.

Change-Id: Iad1f2a9fd3a13710e5b33ad60431172212f7613d
Signed-off-by: Matthew Sykes <sykesmat@us.ibm.com>

This change set makes the collection store have a non-instanced method
for collection config retrieval.

This is needed both for pluggable validation, and for service discovery.

Change-Id: Ic7455727a4618c907b2112480e160a53bb6f6ebe
Signed-off-by: yacovm <yacovm@il.ibm.com>

Removed configtx resources tree

Change-Id: I4a98a703d816b600ab9f5c05991377c7fd83f7a9
Signed-off-by: Srinivasan Muralidharan <srinivasan.muralidharan99@gmail.com>

The assorted singletons in the peer code are a constant obstacle to
writing testable code.  This CR removes the sysccprovider singleton and
instead takes the interface implementation as context when necessary.

Change-Id: Iffc690c6649ff80cc9e43970cb47a2b179564734
Signed-off-by: Jason Yellick <jyellick@us.ibm.com>

This CR sets the stage for removing resources tree by implementing
ACL (resource-policy mapping) in channelconfig currently provided
by resourcesconfig package.

Functionally, the ACL function is ready for use. Subsequent CRs
will remove resources tree and do any cleanup necessary (such as
replacing "API" with "Resource").

Change-Id: I71793a968b7d98970ebe87dbc806b37948fb4329
Signed-off-by: Srinivasan Muralidharan <srinivasan.muralidharan99@gmail.com>

Refactor deliver to use generated mocks and demonstrate
unit testing via ginkgo.

Change-Id: Ib00fec78bc0be9b22f977748185b8c4879d77f0c
Signed-off-by: Matthew Sykes <sykesmat@us.ibm.com>
Signed-off-by: Will Lahti <wtlahti@us.ibm.com>

The contructors for the gRPC client and server were
actually returning interfaces rather than
concrete types.  As there was really no use for
the interfaces in the package, the interfaces
were removed and concrete types are now public and
returned from the constructors.

Additionally, some cleanup on the types as well
to remove redundant fields.

Change-Id: I1c82f77aab3419fcde4f04e6a083428b85086bae
Signed-off-by: Gari Singh <gari.r.singh@gmail.com>

This introduces an interface that represents the currently exported
functions of the peer. An instance of the interface is created during
package initialization which delegates to the existing functions.

- References to the peer functions in endorser.Support are replaced with a
  reference to the peer singleton.
- CreatePeerServer is renamed to the more idiomatic NewPeerServer as it
  is a constructor
- PeerSupportFactory is removed and an instance of PeerSupport is
  provided to endorser.SupportImpl and scc.ProviderFactory

Change-Id: I07ae90092be8349bed60686f7b04a5b9ab02382a
Signed-off-by: Matthew Sykes <sykesmat@us.ibm.com>

Production and test should not be co-mingled in the same files.

The mock initialization functions are currently referenced by code
outside of the peer package and can't be moved to an _test.go file
right now without introducing compilation errors.

Change-Id: I179c21f9268d464b4a8d583066e5f122b2141dc4
Signed-off-by: Matthew Sykes <sykesmat@us.ibm.com>

It's no longer referenced

Change-Id: I3487ba2fa9bcf60e5bf93d19c026dab09e336eb0
Signed-off-by: Matthew Sykes <sykesmat@us.ibm.com>

Bad configs will cause channel config components to
return nil channelconfig. This can happen with
handcrafted configs using configtxlator tool.

This is really a side effect of not catching an earlier
error. Fixing the root cause.

Change-Id: I01828d8e2c1520a3c694c49587e5aca3867681d3
Signed-off-by: Srinivasan Muralidharan <srinivasan.muralidharan99@gmail.com>

The v1.1 peer code added config transaction processing to store the
channel config in the state database.  This is the more obviously
correct way to store config, but on upgrade, the state database will not
already have stored a copy of the config.

This CR adds back the old config processing code to extract the channel
config from the config block in the event that it is not stored in the
statedb.

Change-Id: Ied88406d92dd8d6d33d45a6d5eb3b05375270905
Signed-off-by: Jason Yellick <jyellick@us.ibm.com>

When https://gerrit.hyperledger.org/r/#/c/16037/

 is going to be merged,
the custom ACL is going to reside in the resource config.

The deliver service in the peer would need a way to re-evaluate clients
when a resource config has occurred.

The current code exposes a method to the support of the deliver service
that returns the sequence of the latest channel config.
The access control logic in the deliver service, caches this sequence,
and before sending out a block - it checks if the config has changed,
and if it did - re-evaluates the policies.

This change set, simply makes this sequence to be the sum
of both resource config sequences, and channel config sequences.

Since both sequences are monotonously increasing, the sum is also
monotonously increasing, and therefore we can present to the deliver
service access control logic the sum as the sequence, without
changing anything else.

Change-Id: Ib3cc04c51f21598027fb8eae68d04b027184f52f
Signed-off-by: yacovm <yacovm@il.ibm.com>

With FAB-7490, the peer CLI communication code
was refactored to use the comm.GRPCClient.

There are a few functions which are no longer
called in core/peer which have now been
removed.

Additionally, the comm.InitTLSForPeer function
is no longer needed by any of the main code paths.
As it was only included in a few tests (but never
actually executed) , it has been removed as well.

An additional benefit is that this removes viper
from the core/comm package as well.

Change-Id: I0c25f9896dc7caf8cb8d86d6f85ce89270c34b00
Signed-off-by: Gari Singh <gari.r.singh@gmail.com>

After FAB-7521, the peer deliver service is unusable because the
BLOCKEVENT policy is not set by default. This CR uses the aclmgmt
package, which will check for the policy and, if not set, use the
default value (in this case, channel readers). It also restores the
behave tests to their previous state to ensure peer deliver remains
usable by default.

Change-Id: I46e71853881271539e28a110ce8b81d3bd248d19
Signed-off-by: Will Lahti <wtlahti@us.ibm.com>

If the experimental resources tree support is enabled, but the genesis
block does not contain a seed resources tree, then an error is thrown
because the config is nil.  This CR simply checks for the nil case, and
if so, uses an empty resources tree as the seed.

Change-Id: I7c031d5c450cf9601175fc04a7d2c5355f051b7a
Signed-off-by: Jason Yellick <jyellick@us.ibm.com>

The only remaining codepaths which used the lifecycle via config were
the resources tree for ACL ones.  As this is experiemental, have added
this capability such that it can only be enabled in experimental builds.

Change-Id: I84d6e5becabcd4397aff8f966bde83add266a30e
Signed-off-by: Jason Yellick <jyellick@us.ibm.com>

While reusing deliverer API as a blocks event source at peer we need to
lookup for correct policy name based on the RSCC resource API definition
name. This commit adds a factory method which introduces level of
indirection to allow lookup of correct policy name based on the deliver
API initialization handler.

Change-Id: Ib896736793722549f035cca9e0b6a4c871050615
Signed-off-by: Artem Barger <bartem@il.ibm.com>

This change sets switches the implementation of the collection store
from the No-op collection store to the simple collection store.

Change-Id: I38e5e1d8c25ad260eb6077e3aee9ff8f4f9c3664
Signed-off-by: yacovm <yacovm@il.ibm.com>

Peer deliver panics when it receives a seek info request for a channel
that does not exist. This CR checks that the channel exists before
accessing the chainSupport for the channel.

Change-Id: I6645285b2197250d5a9318dc07ee38451abe3c75
Signed-off-by: Will Lahti <wtlahti@us.ibm.com>

This change set introduces the proper implementation for the ChaincodeByName
function exposed by the Support interface for the endorser.

Change-Id: If70b5e8171a4cffcbbd941220994f477fe5e4b0c
Signed-off-by: Alessandro Sorniotti <ale.linux@sopit.net>

Added GetConfigTree and SimulateConfigTreeUpdate verbs
to the configuration system chaincode.

Change-Id: I43cff8078c956b2ed73611f0cd6c8d4acb57f904
Signed-off-by: Anil Ambati <aambati@us.ibm.com>
Signed-off-by: yacovm <yacovm@il.ibm.com>

This CR exposes the deliver service on a peer, which will allow clients
to retrieve blocks using the same mechanism that is available on the
orderer.

Change-Id: Iafcbcf32c7a448680a6726ae4cca5fb94832e68b
Signed-off-by: Will Lahti <wtlahti@us.ibm.com>

This CR introduces a custom transaction processor that processes
resource config update transactions. Ledger invokes this processor
for transactions of type CONFIG, and PEER_RESOURCE_UPDATE
during the validation and commit phase of a block processing.

For CONFIG, this simply stores the config in the statedb.
For PEER_RESOURCE_UPDATE - In a normal course, this validates the transaction
against the current resource bundle, computes the full configuration, and
stores the full configuration if the transaction is found valid.

However, during initialization of ledger (i.e., either the ledger is being
created from the genesis block or the ledger is synching the state with the
blockchain during start up - possibly prommpted by a peer crash last time),
the full config is computed using the most recent configs from statedb, if found.

Change-Id: Ia18432e8cede18d378b820c13019acc2995197a4
Signed-off-by: manish <manish.sethi@gmail.com>

This change set introduces support at the committer side
for the config-tree-based chaincode lifecycle management.

Change-Id: Id75460a58347f29dd407361e8a77947993c6237d
Signed-off-by: Alessandro Sorniotti <ale.linux@sopit.net>