From c2da680893a4021e725321e559eb20d5e15329ac Mon Sep 17 00:00:00 2001
From: David Enyeart <enyeart@us.ibm.com>
Date: Mon, 14 Apr 2025 17:55:53 -0400
Subject: [PATCH] Improve logging for test-network-nano-bash CA

Make the CA script logging more readable for users
trying to understand the fabric-ca-client commands.

Print the actual command to the log and remove the
debug logging which adds noise.

Signed-off-by: David Enyeart <enyeart@us.ibm.com>
---
 test-network-nano-bash/ca/ca_utils.sh | 34 +++++++++++++++++++++++----
 1 file changed, 30 insertions(+), 4 deletions(-)

diff --git a/test-network-nano-bash/ca/ca_utils.sh b/test-network-nano-bash/ca/ca_utils.sh
index 3ddfaafe..912722e7 100755
--- a/test-network-nano-bash/ca/ca_utils.sh
+++ b/test-network-nano-bash/ca/ca_utils.sh
@@ -12,6 +12,8 @@
 
 createEnrollment() {
 
+  echo "createEnrollment $1 $2 $3 $4 $5 $6"
+
   local port=$1             # port of the CA used for creating the enrollment
   local username=$2         # username of the registered user on the CA 
   local password=$3         # password of the registered user on the CA
@@ -19,19 +21,27 @@ createEnrollment() {
   local component_dir=$5    # path of the component, this will be the directory where the artifacts will be created
   local tlscert=$6          # tls cert for connecting to the CA
 
+  set -x
+
   # Enroll the identity
-  fabric-ca-client enroll -d -u https://${username}:${password}@localhost:${port} --caname ca --mspdir "${component_dir}/msp" --tls.certfiles $tlscert
+
+  fabric-ca-client enroll -u https://${username}:${password}@localhost:${port} --caname ca --mspdir "${component_dir}/msp" --tls.certfiles $tlscert
+
   if [ $? -ne 0 ]; then
     echo "fabric-ca-client admin enroll failed, make sure CA service is available. Exiting..."
     exit 1
   fi
 
+  { set +x; } 2>/dev/null
+
   # Rename private key to mimic cryptogen
   find ${component_dir} -type f -name '*_sk'  | sed -e 'p;s/\(.*\)\/\(.*\)$/\1\/priv_sk/' | xargs -n2 mv -v
 
   # Rename the cacert to mimic cryptogen
   mv ${component_dir}/msp/cacerts/localhost-${port}-ca.pem ${component_dir}/msp/cacerts/ca.${orgname:+$orgname.}example.com-cert.pem
 
+  echo "\n\n"
+
 }
 
 ######################################################################################
@@ -43,6 +53,8 @@ createEnrollment() {
 
 createMSP() {
 
+  echo "createMSP $1 $2 $3"
+
   local caname=$1       # name of the ca (ordererca, org1ca, org2ca)
   local orgname=$2      # name of the org (org1, org2)  Ordering Org is blank
   local org_dir=$3          # directory of the organizatio
@@ -55,6 +67,8 @@ createMSP() {
   cp data_ca/${caname}/tlsca/ca-cert.pem ${org_dir}/msp/tlscacerts/tlsca.${orgname:+$orgname.}example.com-cert.pem
   awk -v cacert_name="ca.${orgname:+$orgname.}example.com-cert" '{gsub(/ca.example.com-cert/,cacert_name)}1' ca/config.yaml > ${org_dir}/msp/config.yaml
 
+  echo "\n\n"
+
 }
 
 ######################################################################################
@@ -67,6 +81,8 @@ createMSP() {
 
 registerAndEnroll() {
 
+  echo "registerAndEnroll $1 $2 $3 $4 $5 $6 $7 $8"
+
   local port=$1              # port of the CA used for creating the enrollment
   local username=$2          # username of the user to register on the CA 
   local password=$3          # password of the user to register on the CA 
@@ -82,20 +98,24 @@ registerAndEnroll() {
     local attrs=""
   fi
 
+  set -x
+
   # Register the username
-  fabric-ca-client register -d -u https://localhost:${port} --id.name ${username} --id.secret ${password} --id.type ${type} --id.attrs "${attrs}" --caname ca --tls.certfiles $tlscert --mspdir "${org_dir}/ca/msp"
+  fabric-ca-client register -u https://localhost:${port} --id.name ${username} --id.secret ${password} --id.type ${type} --id.attrs "${attrs}" --caname ca --tls.certfiles $tlscert --mspdir "${org_dir}/ca/msp"
   if [ $? -ne 0 ]; then
     echo "fabric-ca-client register failed, make sure CA service is available. Exiting..."
     exit 1
   fi
 
   # Enroll the identity
-  fabric-ca-client enroll -d -u https://${username}:${password}@localhost:${port} --caname ca --mspdir "${component_dir}/msp" --tls.certfiles $tlscert
+  fabric-ca-client enroll -u https://${username}:${password}@localhost:${port} --caname ca --mspdir "${component_dir}/msp" --tls.certfiles $tlscert
   if [ $? -ne 0 ]; then
     echo "fabric-ca-client enroll failed, make sure CA service is available. Exiting..."
     exit 1
   fi
 
+  { set +x; } 2>/dev/null
+
   # Rename private key to mimic cryptogen
   find ${component_dir} -type f -name '*_sk'  | sed -e 'p;s/\(.*\)\/\(.*\)$/\1\/priv_sk/' | xargs -n2 mv -v
 
@@ -108,13 +128,17 @@ registerAndEnroll() {
   # If this is a peer or orderer type then create a TLS cert
   if [ "$type" = "peer" ] || [ "$type" = "orderer" ]; then
 
+    set -x
+
     # Enroll the TLS cert
-    fabric-ca-client enroll -d -u https://${username}:${password}@localhost:${port} --caname tlsca --mspdir "${component_dir}/tls" --tls.certfiles $tlscert --csr.hosts 'localhost,127.0.0.1'
+    fabric-ca-client enroll -u https://${username}:${password}@localhost:${port} --caname tlsca --mspdir "${component_dir}/tls" --tls.certfiles $tlscert --csr.hosts 'localhost,127.0.0.1'
     if [ $? -ne 0 ]; then
       echo "fabric-ca-client TLS enroll failed, make sure CA service is available. Exiting..."
       exit 1
     fi
 
+    { set +x; } 2>/dev/null
+
     # Rename private key to mimic cryptogen
     find ${component_dir} -type f -name '*_sk'  | sed -e 'p;s/\(.*\)\/\(.*\)$/\1\/priv_sk/' | xargs -n2 mv -v
 
@@ -128,6 +152,8 @@ registerAndEnroll() {
 
   fi
 
+  echo "\n\n"
+
 }