From 4f69b64a6e991823e9b9c84d3ba96a16f6c44a2c Mon Sep 17 00:00:00 2001
From: Josh Kneubuhl <jkneubuh@us.ibm.com>
Date: Mon, 31 Jan 2022 14:24:17 -0500
Subject: [PATCH] run E2E test using TLS certificates issued by cert-manager.io

Signed-off-by: Josh Kneubuhl <jkneubuh@us.ibm.com>
---
 .../application-gateway-typescript/src/app.ts | 51 +++++++++++++++----
 ci/scripts/run-k8s-test-network-basic.sh      |  5 +-
 2 files changed, 45 insertions(+), 11 deletions(-)

diff --git a/asset-transfer-basic/application-gateway-typescript/src/app.ts b/asset-transfer-basic/application-gateway-typescript/src/app.ts
index bd4dff49..e534c012 100644
--- a/asset-transfer-basic/application-gateway-typescript/src/app.ts
+++ b/asset-transfer-basic/application-gateway-typescript/src/app.ts
@@ -11,29 +11,44 @@ import { promises as fs } from 'fs';
 import * as path from 'path';
 import { TextDecoder } from 'util';
 
-const channelName = 'mychannel';
-const chaincodeName = 'basic';
-const mspId = 'Org1MSP';
+const channelName = envOrDefault('CHANNEL_NAME', 'mychannel');
+const chaincodeName = envOrDefault('CHAINCODE_NAME', 'basic');
+const mspId = envOrDefault('MSP_ID', 'Org1MSP');
 
 // Path to crypto materials.
-const cryptoPath = path.resolve(__dirname, '..', '..', '..', 'test-network', 'organizations', 'peerOrganizations', 'org1.example.com');
+const cryptoPath = envOrDefault('CRYPTO_PATH', path.resolve(__dirname, '..', '..', '..', 'test-network', 'organizations', 'peerOrganizations', 'org1.example.com'));
 
 // Path to user private key directory.
-const keyDirectoryPath = path.resolve(cryptoPath, 'users', 'User1@org1.example.com', 'msp', 'keystore');
+const keyDirectoryPath = envOrDefault('KEY_DIRECTORY_PATH', path.resolve(cryptoPath, 'users', 'User1@org1.example.com', 'msp', 'keystore'));
 
 // Path to user certificate.
-const certPath = path.resolve(cryptoPath, 'users', 'User1@org1.example.com', 'msp', 'signcerts', 'cert.pem');
+const certPath = envOrDefault('CERT_PATH', path.resolve(cryptoPath, 'users', 'User1@org1.example.com', 'msp', 'signcerts', 'cert.pem'));
 
 // Path to peer tls certificate.
-const tlsCertPath = path.resolve(cryptoPath, 'peers', 'peer0.org1.example.com', 'tls', 'ca.crt');
+const tlsCertPath = envOrDefault('TLS_CERT_PATH', path.resolve(cryptoPath, 'peers', 'peer0.org1.example.com', 'tls', 'ca.crt'));
 
 // Gateway peer endpoint.
-const peerEndpoint = 'localhost:7051';
+const peerEndpoint = envOrDefault('PEER_ENDPOINT', 'localhost:7051');
+
+// Gateway peer SSL host name override.
+const peerHostAlias = envOrDefault('PEER_HOST_ALIAS', 'peer0.org1.example.com');
 
 const utf8Decoder = new TextDecoder();
 const assetId = `asset${Date.now()}`;
 
 async function main(): Promise<void> {
+
+    console.log('\n--> Launching Asset Transfer Sample:');
+    console.log(`channelName:       ${channelName}`);
+    console.log(`chaincodeName:     ${chaincodeName}`);
+    console.log(`mspId:             ${mspId}`);
+    console.log(`cryptoPath:        ${cryptoPath}`);
+    console.log(`keyDirectoryPath:  ${keyDirectoryPath}`);
+    console.log(`certPath:          ${certPath}`);
+    console.log(`tlsCertPath:       ${tlsCertPath}`);
+    console.log(`peerEndpoint:      ${peerEndpoint}`);
+    console.log(`peerHostAlias:     ${peerHostAlias}`);
+
     // The gRPC client connection should be shared by all Gateway connections to this endpoint.
     const client = await newGrpcConnection();
 
@@ -86,13 +101,16 @@ async function main(): Promise<void> {
     }
 }
 
-main().catch(error => console.error('******** FAILED to run the application:', error));
+main().catch(error => {
+    console.error('******** FAILED to run the application:', error);
+    process.exitCode = 1;
+});
 
 async function newGrpcConnection(): Promise<grpc.Client> {
     const tlsRootCert = await fs.readFile(tlsCertPath);
     const tlsCredentials = grpc.credentials.createSsl(tlsRootCert);
     return new grpc.Client(peerEndpoint, tlsCredentials, {
-        'grpc.ssl_target_name_override': 'peer0.org1.example.com',
+        'grpc.ssl_target_name_override': peerHostAlias,
     });
 }
 
@@ -205,3 +223,16 @@ async function updateNonExistentAsset(contract: Contract): Promise<void>{
         console.log('*** Successfully caught the error: \n', error);
     }
 }
+
+/**
+ * envOrDefault() will return the value of an environment variable, or a default value if the variable is undefined.
+ */
+function envOrDefault(key: string, defaultValue: string): string {
+
+    const value = process.env[key];
+    if (! value) {
+        return defaultValue;
+    }
+
+    return value;
+}
\ No newline at end of file
diff --git a/ci/scripts/run-k8s-test-network-basic.sh b/ci/scripts/run-k8s-test-network-basic.sh
index 9e1bec35..a1ee3a4f 100755
--- a/ci/scripts/run-k8s-test-network-basic.sh
+++ b/ci/scripts/run-k8s-test-network-basic.sh
@@ -32,7 +32,7 @@ export MSP_ID=${MSP_ID:-Org1MSP}
 export CRYPTO_PATH=${CRYPTO_PATH:-../../test-network-k8s/build/organizations/peerOrganizations/org1.example.com}
 export KEY_DIRECTORY_PATH=${KEY_DIRECTORY_PATH:-../../test-network-k8s/build/organizations/peerOrganizations/org1.example.com/users/Admin@org1.example.com/msp/keystore}
 export CERT_PATH=${CERT_PATH:-../../test-network-k8s/build/organizations/peerOrganizations/org1.example.com/users/Admin@org1.example.com/msp/signcerts/cert.pem}
-export TLS_CERT_PATH=${TLS_CERT_PATH:-../../test-network-k8s/build/organizations/peerOrganizations/org1.example.com/peers/org1-peer1.org1.example.com/tls/cacerts/org1-tls-ca.pem}
+export TLS_CERT_PATH=${TLS_CERT_PATH:-../../test-network-k8s/build/organizations/peerOrganizations/org1.example.com/msp/tlscacerts/org1-tls-ca.pem}
 export PEER_ENDPOINT=${PEER_ENDPOINT:-localhost:7051}
 export PEER_HOST_ALIAS=${PEER_HOST_ALIAS:-org1-peer1}
 
@@ -101,6 +101,9 @@ function stopNetwork() {
 
   print "Stopping network"
   ./network down
+
+  print "Cleaning client certificates"
+  rm -rf ../test-network-k8s/build/
 }
 
 # Set up the suite with a KIND cluster