-
Notifications
You must be signed in to change notification settings - Fork 8.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Allow BCCSP config to be set using environment variables #1900
Conversation
8b80483
to
37d0330
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Overall looks pretty good, not a lot of actual code changes and mostly test which is of course great. Still, a few questions.
|
||
// FactoryOpts holds configuration information used to initialize factory implementations | ||
type FactoryOpts struct { | ||
Default string `json:"default" yaml:"Default"` |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I realize you're just moving this code about, but it's really bothersome that the yaml and json keys are differently cased. I'm not sure who would be depending on this behavior, so perhaps it's safest not to change, but just have to point it out.
@@ -25,6 +24,10 @@ func GetDefaultOpts() *FactoryOpts { | |||
Hash: "SHA2", | |||
Security: 256, | |||
}, | |||
PKCS11: &pkcs11.PKCS11Opts{ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I guess it's fine to consolidate these into a single struct regardless of build tag because we never try to interact with the pkcs11 lib unless we follow the path set out in the pkcs11.go file?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes, that was the thinking here.
48786aa
to
bfb217b
Compare
574d6aa
to
0a4546c
Compare
internal/peer/common/common.go
Outdated
// SW Overrides | ||
if swHash, exist := os.LookupEnv("CORE_PEER_BCCSP_SW_HASH"); exist { | ||
bccspConfig.SW.Hash = swHash | ||
} | ||
|
||
if swSecurity, exist := os.LookupEnv("CORE_PEER_BCCSP_SW_SECURITY"); exist { | ||
swSec, err := strconv.Atoi(swSecurity) | ||
if err != nil { | ||
return errors.Errorf("CORE_PEER_BCCSP_SW_SECURITY set to non-integer value: %s", swSecurity) | ||
} | ||
bccspConfig.SW.Security = swSec | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We could remove these SW override lookups since BCCSP hardcodes these anyways.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
agreed
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
🧹
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I don't love implementing this environment parsing manually, but given the downsides of the implementation through viperutil, it seems like the lesser of the two evils. Did you want to address Will's comment now, or should we merge as is?
FAB-17969 Signed-off-by: Tiffany Harris <tiffany.harris@ibm.com> Signed-off-by: Will Lahti <wtlahti@us.ibm.com>
@jyellick removed the overrides for hardcoded SW values |
FAB-17969 Signed-off-by: Tiffany Harris <tiffany.harris@ibm.com> Signed-off-by: Will Lahti <wtlahti@us.ibm.com>
FAB-17969 Signed-off-by: Tiffany Harris <tiffany.harris@ibm.com> Signed-off-by: Will Lahti <wtlahti@us.ibm.com>
FAB-17969 Signed-off-by: Tiffany Harris <tiffany.harris@ibm.com> Signed-off-by: Will Lahti <wtlahti@us.ibm.com>
This change had some a pretty well hidden side affect. It pushed PKCS11 code outside of the |
@btl5037 what do you suggest? reverting? |
This reverts commit 0a9f766. which pushed the pkcs11 code outside of the pkcs11 build tag. This prevents cross-compilation of Fabric due to the fact the miekg/pkcs11 package contains CGO which requires a cross-compiler for each platform you are cross compiling for. We need to find a better approach to solving this problem that doesn't pull the code out of the build tag. Signed-off-by: Brett Logan <brett.t.logan@ibm.com>
This reverts commit f2e9e6e. which pushed the pkcs11 code outside of the pkcs11 build tag. This prevents cross-compilation of Fabric due to the fact the miekg/pkcs11 package contains CGO which requires a cross-compiler for each platform you are cross compiling for. We need to find a better approach to solving this problem that doesn't pull the code out of the build tag. Signed-off-by: Danny Cao <dcao@us.ibm.com>
This reverts commit f2e9e6e. which pushed the pkcs11 code outside of the pkcs11 build tag. This prevents cross-compilation of Fabric due to the fact the miekg/pkcs11 package contains CGO which requires a cross-compiler for each platform you are cross compiling for. We need to find a better approach to solving this problem that doesn't pull the code out of the build tag. Signed-off-by: Danny Cao <dcao@us.ibm.com>
Resolved in #3697 |
Type of change
Related issues
FAB-17969