tools(fabric2-all-in-one): fix multiple vulnerabilities - 2023-08-17

Hard to dertermine which exact vulnerabilities will this be fixing because other pull requests also upgrade the image version of this container in the time while the pull request for this commit was open. Nevertheless, it is an upgrade of versions and therefore some of the CVEs are very likely getting addressed by it. Fixes #2057 Co-authored-by: Peter Somogyvari <[email protected]> Signed-off-by: zondervancalvez <[email protected]> Signed-off-by: Peter Somogyvari <[email protected]>
hyperledger-cacti · Aug 18, 2023 · 7864d5d · 7864d5d
1 parent 50f5c02
commit 7864d5d
Show file tree

Hide file tree

Showing 7 changed files with 41 additions and 23 deletions.
diff --git a/...ctus-plugin-ledger-connector-fabric/src/main/typescript/plugin-ledger-connector-fabric.ts b/...ctus-plugin-ledger-connector-fabric/src/main/typescript/plugin-ledger-connector-fabric.ts
@@ -1108,7 +1108,7 @@ export class PluginLedgerConnectorFabric
     req: RunTransactionRequest,
   ): Promise<RunTransactionResponse> {
     const fnTag = `${this.className}#transact()`;
-
+    this.log.debug("%s ENTER", fnTag);
     const {
       channelName,
       contractName,
@@ -1121,13 +1121,27 @@ export class PluginLedgerConnectorFabric
     } = req;
 
     try {
+      this.log.debug("%s Creating Fabric Gateway instance...", fnTag);
       const gateway = await this.createGateway(req);
       // const gateway = await this.createGatewayLegacy(req.signingCredential);
+      this.log.debug("%s Obtaining Fabric gateway network instance...", fnTag);
       const network = await gateway.getNetwork(channelName);
-      // const channel = network.getChannel();
-      // const endorsers = channel.getEndorsers();
+      this.log.debug("%s Obtaining Fabric contract instance...", fnTag);
       const contract = network.getContract(contractName);
 
+      const channel = network.getChannel();
+      const endorsers = channel.getEndorsers();
+
+      const endorsersMetadata = endorsers.map((x) => ({
+        mspid: x.mspid,
+        discovered: x.discovered,
+        endpoint: x.endpoint,
+        name: x.name,
+        hasChaincode: x.hasChaincode(contractName),
+        isTLS: x.isTLS(),
+      }));
+      this.log.debug("%s Endorsers metadata: %o", fnTag, endorsersMetadata);
+
       let out: Buffer;
       let success: boolean;
       let transactionId = "";
@@ -1138,7 +1152,10 @@ export class PluginLedgerConnectorFabric
           break;
         }
         case FabricContractInvocationType.Send: {
+          this.log.debug("%s Creating tx instance on %s", fnTag, contractName);
+          this.log.debug("%s Endorsing peers: %o", fnTag, req.endorsingPeers);
           const tx = contract.createTransaction(fnName);
+          this.log.debug("%s Created TX OK %o", fnTag, tx);
           if (req.endorsingPeers) {
             const { endorsingPeers } = req;
             const channel = network.getChannel();
@@ -1168,8 +1185,11 @@ export class PluginLedgerConnectorFabric
             );
             tx.setEndorsingPeers(endorsers);
           }
+          this.log.debug("%s Submitting TX... (%o)", fnTag, params);
           out = await tx.submit(...params);
+          this.log.debug("%s Submitted TX OK (%o)", fnTag, params);
           transactionId = tx.getTransactionId();
+          this.log.debug("%s Obtained TX ID OK (%s)", fnTag, transactionId);
           success = true;
           break;
         }

diff --git a/...ic/src/test/typescript/integration/fabric-v2-2-x/deploy-cc-from-javascript-source.test.ts b/...ic/src/test/typescript/integration/fabric-v2-2-x/deploy-cc-from-javascript-source.test.ts
@@ -287,7 +287,7 @@ test(testCase, async (t: Test) => {
   // does the same thing, it just waits 10 seconds for good measure so there
   // might not be a way for us to avoid doing this, but if there is a way we
   // absolutely should not have timeouts like this, anywhere...
-  await new Promise((resolve) => setTimeout(resolve, 10000));
+  await new Promise((resolve) => setTimeout(resolve, 30000));
 
   const assetId = uuidv4();
   const assetOwner = uuidv4();

diff --git a/...ic/src/test/typescript/integration/fabric-v2-2-x/deploy-cc-from-typescript-source.test.ts b/...ic/src/test/typescript/integration/fabric-v2-2-x/deploy-cc-from-typescript-source.test.ts
@@ -320,7 +320,7 @@ test(testCase, async (t: Test) => {
   // does the same thing, it just waits 10 seconds for good measure so there
   // might not be a way for us to avoid doing this, but if there is a way we
   // absolutely should not have timeouts like this, anywhere...
-  await new Promise((resolve) => setTimeout(resolve, 10000));
+  await new Promise((resolve) => setTimeout(resolve, 30000));
 
   const assetId = uuidv4();
   const assetOwner = uuidv4();

diff --git a/...-fabric/src/test/typescript/integration/fabric-v2-2-x/run-transaction-endpoint-v1.test.ts b/...-fabric/src/test/typescript/integration/fabric-v2-2-x/run-transaction-endpoint-v1.test.ts
@@ -228,8 +228,8 @@ describe(testCase, () => {
       const assets = JSON.parse(res.data.functionOutput);
       const asset277 = assets.find((c: { ID: string }) => c.ID === assetId);
       expect(asset277).toBeTruthy();
-      expect(asset277.owner).toBeTruthy();
-      expect(asset277.owner).toEqual(assetOwner);
+      expect(asset277.Owner).toBeTruthy();
+      expect(asset277.Owner).toEqual(assetOwner);
     }
 
     {
@@ -302,8 +302,8 @@ describe(testCase, () => {
       const assets = JSON.parse(res.data.functionOutput);
       const asset277 = assets.find((c: { ID: string }) => c.ID === assetId);
       expect(asset277).toBeTruthy();
-      expect(asset277.owner).toBeTruthy();
-      expect(asset277.owner).toEqual(assetOwner);
+      expect(asset277.Owner).toBeTruthy();
+      expect(asset277.Owner).toEqual(assetOwner);
     }
   });
 });
diff --git a/...ric/src/test/typescript/integration/fabric-v2-2-x/run-transaction-with-identities.test.ts b/...ric/src/test/typescript/integration/fabric-v2-2-x/run-transaction-with-identities.test.ts
@@ -366,7 +366,7 @@ test("run-transaction-with-identities", async (t: Test) => {
       });
       t.true(resp.success);
       const asset = JSON.parse(resp.functionOutput);
-      t.equal(asset.owner, "client2");
+      t.equal(asset.Owner, "client2");
     }
     t.end();
   });

diff --git a/packages/cactus-test-tooling/src/main/typescript/fabric/fabric-test-ledger-v1.ts b/packages/cactus-test-tooling/src/main/typescript/fabric/fabric-test-ledger-v1.ts
@@ -80,8 +80,8 @@ export interface LedgerStartOptions {
 
 export const DEFAULT_FABRIC_2_AIO_IMAGE_NAME =
   "ghcr.io/hyperledger/cactus-fabric2-all-in-one";
-export const DEFAULT_FABRIC_2_AIO_IMAGE_VERSION = "2023-08-05-issue2358";
-export const DEFAULT_FABRIC_2_AIO_FABRIC_VERSION = "2.2.13";
+export const DEFAULT_FABRIC_2_AIO_IMAGE_VERSION = "2023-08-17-issue2057-pr2135";
+export const DEFAULT_FABRIC_2_AIO_FABRIC_VERSION = "2.4.4";
 
 /*
  * Provides default options for Fabric container

diff --git a/tools/docker/fabric-all-in-one/Dockerfile_v2.x b/tools/docker/fabric-all-in-one/Dockerfile_v2.x
@@ -1,12 +1,10 @@
-# We need to use the older, more stable v18 here because of
-# https://github.com/docker-library/docker/issues/170
 FROM docker:24.0.5-dind
 
-ARG FABRIC_VERSION=2.2.13
+ARG FABRIC_VERSION=2.4.4
 ARG FABRIC_NODEENV_VERSION=2.4.2
-ARG CA_VERSION=1.4.9
+ARG CA_VERSION=1.5.3
 ARG COUCH_VERSION_FABRIC=0.4
-ARG COUCH_VERSION=3.1.1
+ARG COUCH_VERSION=3.2.2
 
 WORKDIR /
 
@@ -172,10 +170,10 @@ RUN /bootstrap.sh ${FABRIC_VERSION} ${CA_VERSION} -d
 # Update the image version used by the Fabric peers when installing chaincodes.
 # This is necessary because the older (default) image uses NodeJS v12 and npm v6
 # But we need at least NodeJS 16 and npm v7 for the dependency installation to work.
-RUN sed -i "s/fabric-nodeenv:\$(TWO_DIGIT_VERSION)/fabric-nodeenv:${FABRIC_NODEENV_VERSION}/g" /fabric-samples/config/core.yaml
+RUN sed -i "s/fabric-nodeenv:\$(TWO_DIGIT_VERSION)/fabric-nodeenv:${FABRIC_NODEENV_VERSION}/g" /fabric-samples/test-network/compose/docker/peercfg/core.yaml
 
 # Set the log level of the peers and other containers to DEBUG instead of the default INFO
-RUN sed -i "s/FABRIC_LOGGING_SPEC=INFO/FABRIC_LOGGING_SPEC=DEBUG/g" /fabric-samples/test-network/docker/docker-compose-test-net.yaml
+RUN sed -i "s/FABRIC_LOGGING_SPEC=INFO/FABRIC_LOGGING_SPEC=DEBUG/g" /fabric-samples/test-network/compose/docker/docker-compose-test-net.yaml
 
 # Update the docker-compose file of the fabric-samples repo so that the 
 # core.yaml configuration file of the peer containers can be customized.
@@ -185,13 +183,13 @@ RUN sed -i "s/FABRIC_LOGGING_SPEC=INFO/FABRIC_LOGGING_SPEC=DEBUG/g" /fabric-samp
 # an error when the peer tries to install the dependencies as part of the
 # chaincode installation.
 RUN yq '.services."peer0.org1.example.com".volumes += "../..:/opt/gopath/src/github.com/hyperledger/fabric-samples"' \
-    --inplace /fabric-samples/test-network/docker/docker-compose-test-net.yaml
+    --inplace /fabric-samples/test-network/compose/docker/docker-compose-test-net.yaml
 RUN yq '.services."peer0.org1.example.com".volumes += "../../config/core.yaml:/etc/hyperledger/fabric/core.yaml"' \
-    --inplace /fabric-samples/test-network/docker/docker-compose-test-net.yaml
+    --inplace /fabric-samples/test-network/compose/docker/docker-compose-test-net.yaml
 RUN yq '.services."peer0.org2.example.com".volumes += "../..:/opt/gopath/src/github.com/hyperledger/fabric-samples"' \
-    --inplace /fabric-samples/test-network/docker/docker-compose-test-net.yaml
+    --inplace /fabric-samples/test-network/compose/docker/docker-compose-test-net.yaml
 RUN yq '.services."peer0.org2.example.com".volumes += "../../config/core.yaml:/etc/hyperledger/fabric/core.yaml"' \
-    --inplace /fabric-samples/test-network/docker/docker-compose-test-net.yaml
+    --inplace /fabric-samples/test-network/compose/docker/docker-compose-test-net.yaml
 
 # Install supervisord because we need to run the docker daemon and also the fabric network
 # meaning that we have multiple processes to run.