---
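# Play 1 - prepare the new organisation on every host in `nodes`.
# Newcomer hosts are cleaned and re-provisioned, crypto material and the org
# config are generated inside the cliNoCryptoVolume container, the results are
# pulled to the controller, pushed to the orderer, and peers include
# playbooks/modify-channel.yml for the channel updates.
- hosts: nodes
  tasks:
    # Guard: refuse to run unless `newcomers` is defined, so this playbook is
    # not started against a configuration that was not written for it.
    - name: Perfom check for 'newcomers' flag
      fail:
        msg: >-
          newcomers flag is not defined. Are you sure, you are using right
          configuration? ..Aborting.
      tags:
        - safetycheck
      when: newcomers is not defined

    # Destructive cleanup, newcomer hosts only. grep matches the rendered
    # global_domain anywhere in a `docker ps -a` line (name, image, command),
    # and failures are ignored.
    - name: Clean all previous dockers, if any
      raw: "docker rm -f $(docker ps -a | grep {{ global_domain }} | awk '{print $1};')"
      ignore_errors: true
      when: "'newcomer' in node_roles"

    # No domain filter here: every dangling volume on the host is removed,
    # not only volumes that belong to this deployment.
    - name: Clean all docker volumes
      raw: "docker volume rm $(docker volume ls -qf dangling=true)"
      ignore_errors: true
      when: "'newcomer' in node_roles"

    # Runs with privilege escalation and deletes every path listed in
    # fabric_artifacts_folders; that list must only ever hold deployment paths.
    - name: Ensure all old folders not exist
      become: true
      file:
        dest: "{{ item }}"
        state: absent
      loop: "{{ fabric_artifacts_folders }}"
      when: "'newcomer' in node_roles"

    # Recreated without `become`, so the new directories are created by the
    # connecting user.
    - name: Ensure all folders exist
      file:
        dest: "{{ item }}"
        state: directory
      loop: "{{ fabric_artifacts_folders }}"
      when: "'newcomer' in node_roles"

    # Numeric uid/gid of ansible_user; the chown tasks in this playbook use
    # them to hand files written inside containers back to that account.
    - name: Findout UID
      raw: "id -u {{ ansible_user }}"
      register: ansible_uid

    - name: Findout GID
      raw: "id -g {{ ansible_user }}"
      register: ansible_gid

    # new_orgs collects the `org` of every host in groups['nodes'] whose
    # node_roles contains 'newcomer'. The list is built through the side effect
    # of append() inside an expression.
    # NOTE(review): this relies on the None returned by append() rendering as
    # empty text - verify on the Ansible version in use.
    - set_fact:
        ansible_user_uid: "{{ ansible_uid.stdout | int }}"
        ansible_user_gid: "{{ ansible_gid.stdout | int }}"
        new_orgs: "{% set new_orgs2=[] %}{% for fabric_host in groups['nodes'] %}{% if 'newcomer' in hostvars[fabric_host].node_roles %}{{ new_orgs2.append(hostvars[fabric_host].org)}}{% endif %}{% endfor %}{{ new_orgs2 | list }}"

    # Rendered on every host; an existing destination file is backed up first.
    - name: Transfer common configuration files
      template:
        src: "{{ item.from }}"
        dest: "{{ item.to }}"
        backup: true
      loop: "{{ fabric_templates }}"

    - name: Transfer peer configuration files
      template:
        backup: true
        src: "{{ item.from }}"
        dest: "{{ item.to }}"
      loop: "{{ peer_templates }}"
      when: "'peer' in node_roles"

    # - name: Transfer orderer configuration files
    #   template:
    #     backup: yes
    #     src: "{{ item.from }}"
    #     dest: "{{ item.to }}"
    #   loop: "{{ orderer_templates }}"
    #   when: "'orderer' in node_roles"

    # Newcomer peers only: generate the org's identity material and export it.
    - name: Configure new org
      when:
        - "'peer' in node_roles"
        - "'newcomer' in node_roles"
      block:
        - name: Transfer chaincode
          template:
            src: "{{ item.from }}"
            dest: "{{ item.to }}"
            mode: "a+x"
          loop: "{{ chaincode_templates }}"

        - name: Start cli container without crypto volumes
          raw: >-
            docker-compose --file {{ docker_artifacts }}/docker-compose-{{ org }}.yaml
            up -d 'cliNoCryptoVolume.{{ org }}.{{ global_domain }}'

        # The generated tree includes private keys; everything below that
        # copies or syncs it decides where those keys end up.
        - name: Generate crypto material with cryptogen
          raw: >-
            docker exec 'cliNoCryptoVolume.{{ org }}.{{ global_domain }}'
            bash -c 'sleep 2 && cryptogen generate --config=cryptogen-{{ org }}.yaml'

        - name: Generating orgConfig.json
          raw: >-
            docker exec "cliNoCryptoVolume.{{ org }}.{{ global_domain }}"
            bash -c "FABRIC_CFG_PATH=./ configtxgen -printOrg {{ org }}MSP > {{ org }}Config.json"

        # Recursive chown of the container's working directory to ansible_user.
        - name: Changing artifacts ownership
          raw: >-
            docker exec 'cliNoCryptoVolume.{{ org }}.{{ global_domain }}'
            bash -c 'chown -R {{ ansible_user_uid }}:{{ ansible_user_gid }} .'

        # Despite the task name this copies (cp) each *_sk file to a sibling
        # server.key, so two copies of every private key remain on disk.
        # "$0" is quoted so a key path containing spaces or glob characters is
        # copied intact instead of being word-split by the shell.
        - name: Rename generated private keys to server.key
          shell: >-
            find {{ fabric_artifacts }}/crypto-config -iname "*_sk*"
            -exec bash -c 'cp "$0" "$(echo "$0" | sed -e "s/[^/]*_sk/server.key/")"' {} \;

        # Created on the controller (delegate_to: localhost), relative to the
        # directory the playbook is run from.
        - name: Create all folders for rsync..
          file:
            path: "./artifacts/{{ item.to }}"
            state: directory
          loop: "{{ files_to_rsync_orderer }}"
          delegate_to: localhost

        # mode=pull copies from the managed host to the controller.
        # NOTE(review): confirm files_to_rsync_orderer does not cover keystore
        # or server.key paths, otherwise private keys land in ./artifacts.
        - name: Synchronize artifacts
          synchronize:
            src: "{{ fabric_artifacts }}/{{ item.from }}"
            dest: "./artifacts/{{ item.to }}"
            mode: pull
            recursive: true
          loop: "{{ files_to_rsync_orderer }}"

    # NOTE(review): the condition is applied to the whole block here; confirm
    # that both tasks are meant to be orderer-only.
    - name: Sync generated configs to orderer
      when: "'orderer' in node_roles"
      block:
        # Pushes the controller's whole ./artifacts tree with privilege
        # escalation on the target.
        - name: Synchronize artifacts back to orderer
          become: true
          synchronize:
            src: artifacts
            dest: "{{ fabric_starter_workdir }}"
            recursive: true

        - name: Transfer orderer configuration files
          template:
            backup: true
            src: "{{ item.from }}"
            dest: "{{ item.to }}"
          loop: "{{ orderer_templates }}"

    - name: Configure needed channel updates for new orgs
      when: "'peer' in node_roles"
      block:
        - name: Start cli global_domain container
          raw: >-
            docker-compose --file {{ docker_artifacts }}/docker-compose-{{ org }}.yaml
            up -d 'cli.{{ global_domain }}'
          when: "'root_orderer' in node_roles"

        # One include per (channel, new org) pair; ch_loop.0 is the channel and
        # ch_loop.1 the new org. `particapants` is the key name this file reads
        # everywhere, so the spelling must stay in step with the inventory.
        - name: Modifying current channels, if needed
          include_tasks: playbooks/modify-channel.yml
          loop_control:
            loop_var: ch_loop
          vars:
            mod_channel: "{{ ch_loop.0.name }}"
            mod_channel_participants:
              - "{{ ch_loop.1 }}"
          loop: "{{ global_channels|product(new_orgs)|list }}"
          when:
            - global_channels is defined
            - ch_loop.1 in ch_loop.0.particapants
            - "org in ch_loop.0.particapants[0]"

        - name: Modifying testchainid system channel
          import_tasks: playbooks/modify-channel.yml
          vars:
            mod_channel: testchainid
            mod_channel_participants: "{{ new_orgs }}"
          when: "'root_peer' in node_roles"

        # item.name is used as profile name, channel id and output file name.
        - name: Generating other channels config transactions, if any
          raw: >-
            docker exec -e FABRIC_CFG_PATH=/etc/hyperledger/artifacts "cli.{{ global_domain }}"
            configtxgen -profile "{{ item.name }}"
            -outputCreateChannelTx "./channel/{{ item.name }}.tx"
            -channelID "{{ item.name }}"
          loop: "{{ new_channels }}"
          when:
            - new_channels is defined
            - "'root_orderer' in node_roles"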
# Play 2 - sign the channel config updates. `serial: 1` makes the hosts run
# this play one at a time; each peer receives the controller's artifacts,
# signs, and its artifacts are pulled back to the controller.
# NOTE(review): presumably this is how signatures accumulate on one envelope
# across orgs - confirm against playbooks/modify-channel.yml.
- hosts: nodes
  serial: 1
  tasks:
    # NOTE(review): condition applied to the whole block; confirm every task
    # here is meant to be peer-only.
    - when: "'peer' in node_roles"
      block:
        - name: Start cli container
          raw: >-
            docker-compose --file {{ docker_artifacts }}/docker-compose-{{ org }}.yaml
            up -d 'cli.{{ org }}.{{ global_domain }}'

        # Hand /etc/hyperledger/artifacts inside the container to ansible_user
        # before files are synced into it.
        - name: Changing ownership of channel block files
          raw: >-
            docker exec 'cli.{{ org }}.{{ global_domain }}'
            bash -c 'chown -R {{ ansible_user_uid }}:{{ ansible_user_gid }} /etc/hyperledger/artifacts'

        - name: Create all folders for rsync..
          file:
            path: "{{ fabric_artifacts }}/{{ item.to }}"
            state: directory
          loop: "{{ files_to_rsync_nodes_phase1 }}"

        # Push: controller ./artifacts -> this host, with privilege escalation.
        - name: Synchronize genrated block files (artifacts)
          become: true
          synchronize:
            src: "./artifacts/{{ item.from }}"
            dest: "{{ fabric_artifacts }}/{{ item.to }}"
            recursive: true
          loop: "{{ files_to_rsync_nodes_phase1 }}"

        # - name: Sign testchainid channel update by all orgs
        #   raw: 'docker exec cli.{{ org }}.{{ global_domain }} bash -c "export CORE_PEER_ADDRESS=peer0.{{ org }}.{{ global_domain }}:7051 && peer channel signconfigtx -f /etc/hyperledger/artifacts/channel/config_testchainid_new_envelope.pb -o orderer{{ orderer_id | default() }}.{{ global_domain }}:{{ orderer_port }} --tls --cafile /etc/hyperledger/artifacts/crypto-config/ordererOrganizations/{{ global_domain }}/orderers/orderer{{ orderer_id | default() }}.{{ global_domain }}/tls/ca.crt"'
        #   when: "'peer' in node_roles"

        # One signconfigtx per (channel, new org) pair in which both this
        # host's org and the new org are listed as participants. The orderer
        # connection is TLS, verified against the orderer org's tlsca cert.
        - name: Sign other channel update by appropriate orgs
          raw: >-
            docker exec cli.{{ org }}.{{ global_domain }} bash -c
            "export CORE_PEER_ADDRESS=peer0.{{ org }}.{{ global_domain }}:7051 &&
            peer channel signconfigtx
            -f /etc/hyperledger/artifacts/channel/config_{{ item.0.name }}_new_envelope.pb
            -o orderer0.{{ global_domain }}:{{ orderer_port }} --tls
            --cafile /etc/hyperledger/artifacts/crypto-config/ordererOrganizations/{{ global_domain }}/tlsca/tlsca.{{ global_domain }}-cert.pem"
          loop: "{{ global_channels | product(new_orgs) | list }}"
          when:
            - global_channels is defined
            - org in item.0.particapants
            - item.1 in item.0.particapants

        - name: Changing ownership of channel block files
          raw: >-
            docker exec "cli.{{ org }}.{{ global_domain }}"
            bash -c "chown -R {{ ansible_user_uid }}:{{ ansible_user_gid }} /etc/hyperledger/artifacts"

        # Pull: this host -> controller ./artifacts (mode=pull).
        - name: Synchronize genrated block files (artifacts)
          become: true
          synchronize:
            src: "{{ fabric_artifacts }}/{{ item.from }}"
            dest: "./artifacts/{{ item.to }}"
            mode: pull
            recursive: true
          loop: "{{ files_to_rsync_nodes_phase1 }}"
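# Play 3 - submit the channel updates, start the new orgs' containers, then
# create and join channels.
- hosts: nodes
  tasks:
    # No condition: this runs on every host in `nodes`.
    - name: Start cli container
      raw: >-
        docker-compose --file {{ docker_artifacts }}/docker-compose-{{ org }}.yaml
        up -d 'cli.{{ org }}.{{ global_domain }}'

    - name: Changing ownership of channel block files
      raw: >-
        docker exec "cli.{{ org }}.{{ global_domain }}"
        bash -c "chown -R {{ ansible_user_uid }}:{{ ansible_user_gid }} /etc/hyperledger/artifacts"
      when: "'peer' in node_roles"

    # Push: controller ./artifacts -> peer, with privilege escalation.
    - name: Synchronize genrated block files (artifacts)
      become: true
      synchronize:
        src: "./artifacts/{{ item.from }}"
        dest: "{{ fabric_artifacts }}/{{ item.to }}"
        recursive: true
      loop: "{{ files_to_rsync_nodes_phase1 }}"
      when: "'peer' in node_roles"

    # Submitted from a throw-away `cli.<global_domain>` container
    # (docker-compose run --rm) on the root orderer host. TLS to the orderer
    # is verified against that orderer's own tls/ca.crt.
    - name: Updating testchainid channel with new config..
      raw: >-
        docker-compose -f {{ docker_artifacts }}/docker-compose-{{ org }}.yaml
        run --rm cli.{{ global_domain }} bash -c "sleep 3 &&
        peer channel update
        -f /etc/hyperledger/artifacts/channel/config_testchainid_new_envelope.pb
        -o orderer{{ orderer_id | default() }}.{{ global_domain }}:{{ orderer_port }}
        -c testchainid --tls
        --cafile /etc/hyperledger/artifacts/crypto-config/ordererOrganizations/{{ global_domain }}/orderers/orderer{{ orderer_id | default() }}.{{ global_domain }}/tls/ca.crt"
      when: "'root_orderer' in node_roles"

    # Only the org matched against the channel's first participant entry
    # submits the update for a given (channel, new org) pair.
    - name: Updating other channels with new config, if any..
      raw: >-
        docker exec cli.{{ org }}.{{ global_domain }} bash -c
        "export CORE_PEER_ADDRESS=peer0.{{ org }}.{{ global_domain }}:7051 &&
        peer channel update
        -f /etc/hyperledger/artifacts/channel/config_{{ item.0.name }}_new_envelope.pb
        -o orderer{{ orderer_id | default() }}.{{ global_domain }}:{{ orderer_port }}
        -c {{ item.0.name }} --tls
        --cafile /etc/hyperledger/artifacts/crypto-config/ordererOrganizations/{{ global_domain }}/orderers/orderer{{ orderer_id | default() }}.{{ global_domain }}/tls/ca.crt"
      loop: "{{ global_channels | product(new_orgs) | list }}"
      when:
        - "'peer' in node_roles"
        - global_channels is defined
        - "org in item.0.particapants[0]"
        - item.1 in item.0.particapants

    # - name: Restarting peer docker containers
    #   block:
    #
    #     - name: Restart peer conatainers
    #       raw: "{{ item }}"
    #       loop:
    #         - "docker-compose -f {{ docker_artifacts }}/docker-compose-{{ global_domain }}.yaml down || true"
    #         - "sleep 5 && docker-compose -f {{ docker_artifacts }}/docker-compose-{{ global_domain }}.yaml up -d 2>&1"
    #
    #   when: "'peer' in node_roles and 'newcomer' not in node_roles"

    # Newcomer peers only: receive the artifacts, start the org's containers,
    # write the start/stop helper scripts and install chaincode.
    - name: Bootstrap new orgs
      when:
        - "'peer' in node_roles"
        - "'newcomer' in node_roles"
      block:
        - name: Changing artifacts ownership
          raw: >-
            docker exec 'cliNoCryptoVolume.{{ org }}.{{ global_domain }}'
            bash -c 'chown -R {{ ansible_user_uid }}:{{ ansible_user_gid }} .'

        - name: Create all folders for rsync..
          file:
            path: "{{ fabric_artifacts }}/{{ item.to }}"
            state: directory
          loop: "{{ files_to_rsync_nodes_phase1 }}"
          when: orderer_count is not defined or orderer_count <= 1

        - name: Synchronize genrated block files (artifacts)
          become: true
          synchronize:
            src: "./artifacts/{{ item.from }}"
            dest: "{{ fabric_artifacts }}/{{ item.to }}"
            recursive: true
          loop: "{{ files_to_rsync_nodes_phase1 }}"

        - name: Synchronize www-client folder
          synchronize:
            src: www-client
            dest: "{{ fabric_starter_workdir }}"
            recursive: true

        # - name: Synchronize middleware folder
        #   synchronize: src="middleware" dest="{{ fabric_starter_workdir }}" recursive=yes

        - name: Start docker containers
          raw: "docker-compose -f {{ docker_artifacts }}/docker-compose-{{ org }}.yaml up -d 2>&1"

        # lineinfile appends the `up` command to start-node.sh, creating the
        # file when it does not exist; no file mode is set here.
        - name: Generate init-script..
          lineinfile:
            path: "{{ fabric_starter_workdir }}/start-node.sh"
            line: "docker-compose -f {{ docker_artifacts }}/docker-compose-{{ org }}.yaml up -d 2>&1"
            create: true

        # insertbefore: BOF puts the `down` command at the top of stop-node.sh.
        - name: Generate down-script..
          lineinfile:
            path: "{{ fabric_starter_workdir }}/stop-node.sh"
            insertbefore: BOF
            line: "docker-compose -f {{ docker_artifacts }}/docker-compose-{{ org }}.yaml down"
            create: true

        # A single list expression with empty-list defaults: the loop value is
        # a real list rather than two rendered lists joined by " + " in a
        # string, and an unset global_channels or new_channels (both are
        # treated as optional elsewhere in this playbook) contributes no
        # items instead of raising an undefined-variable error.
        - name: Install chaincode
          include_tasks: playbooks/install-chaincode.yaml
          loop: "{{ (global_channels | default([])) + (new_channels | default([])) }}"

    - name: Creating addtional channels, if any
      when:
        - new_channels is defined
        - "'peer' in node_roles"
      block:
        # Only the org matched against the channel's first participant entry
        # creates the channel.
        - name: Creating other channels
          raw: >-
            docker exec "cli.{{ org }}.{{ global_domain }}" bash -c
            "peer channel create -o orderer0.{{ global_domain }}:{{ orderer_port }}
            -c {{ item.name }}
            -f /etc/hyperledger/artifacts/channel/{{ item.name }}.tx --tls
            --cafile /etc/hyperledger/artifacts/crypto-config/ordererOrganizations/{{ global_domain }}/tlsca/tlsca.{{ global_domain }}-cert.pem"
          loop: "{{ new_channels }}"
          when: "org in item.particapants[0]"

        - name: Changing ownership of channel block files
          raw: >-
            docker exec "cli.{{ org }}.{{ global_domain }}"
            bash -c "chown -R {{ ansible_user_uid }}:{{ ansible_user_gid }} ."

        # Pull of every *.block file to the controller. `item` is only used
        # by the condition, so the same pull repeats once per matching channel.
        - name: Synchronize genrated block files (artifacts)
          synchronize:
            src: "{{ fabric_artifacts }}/*.block"
            dest: "./artifacts/"
            mode: pull
            recursive: true
          loop: "{{ new_channels }}"
          when: "org in item.particapants[0]"

        # Push of the controller's whole ./artifacts tree to this host.
        - name: Synchronize genrated block files (artifacts)
          become: true
          synchronize:
            src: artifacts
            dest: "{{ fabric_starter_workdir }}"
            recursive: true

        - name: Joining other channels
          raw: >-
            docker exec "cli.{{ org }}.{{ global_domain }}" bash -c
            "export CORE_PEER_ADDRESS=peer0.{{ org }}.{{ global_domain }}:7051 &&
            peer channel join -b {{ item.name }}.block"
          loop: "{{ new_channels }}"
          when: org in item.particapants

        # NOTE(review): the to_json output sits inside a single-quoted
        # bash -c string; an init payload that contains a single quote would
        # end that quoting early. Keep chaincode.init values free of single
        # quotes, or pass the payload another way.
        - name: Instantiating chaincode for other channels, if any
          raw: >-
            docker exec cli.{{ org }}.{{ global_domain }} bash -c
            'export CORE_PEER_ADDRESS=peer0.{{ org }}.{{ global_domain }}:7051 &&
            peer chaincode instantiate -n {{ item.chaincode.name }}
            -v {{ item.chaincode.version }}
            -c {{ item.chaincode.init | to_json }}
            -o orderer0.{{ global_domain }}:{{ orderer_port }}
            -C {{ item.name }} --tls
            --cafile /etc/hyperledger/artifacts/crypto-config/ordererOrganizations/{{ global_domain }}/tlsca/tlsca.{{ global_domain }}-cert.pem'
          loop: "{{ new_channels }}"
          when: "org in item.particapants[0]"

        - name: Changing ownership of channel block files
          raw: >-
            docker exec "cli.{{ org }}.{{ global_domain }}"
            bash -c "chown -R {{ ansible_user_uid }}:{{ ansible_user_gid }} ."

    # Newcomer peers fetch block 0 of each existing channel they participate
    # in and join it.
    - name: Joining channels by new nodes
      when:
        - "'peer' in node_roles"
        - "'newcomer' in node_roles"
      block:
        - name: Synchronize genrated block files (artifacts)
          become: true
          synchronize:
            src: artifacts
            dest: "{{ fabric_starter_workdir }}"
            recursive: true

        # NOTE(review): the orderer port is hard-coded as 7050 here, while the
        # other orderer0 commands in this playbook use {{ orderer_port }};
        # confirm the two cannot diverge.
        - name: Fetch other channels block
          raw: >-
            docker exec "cli.{{ org }}.{{ global_domain }}" bash -c
            "export CORE_PEER_ADDRESS=peer0.{{ org }}.{{ global_domain }}:7051 &&
            peer channel fetch 0 {{ item.name }}.block
            -o orderer0.{{ global_domain }}:7050
            -c {{ item.name }} --tls
            --cafile /etc/hyperledger/artifacts/crypto-config/ordererOrganizations/{{ global_domain }}/tlsca/tlsca.{{ global_domain }}-cert.pem"
          loop: "{{ global_channels }}"
          when: org in item.particapants

        - name: Joining other channels
          raw: >-
            docker exec "cli.{{ org }}.{{ global_domain }}" bash -c
            "export CORE_PEER_ADDRESS=peer0.{{ org }}.{{ global_domain }}:7051 &&
            peer channel join -b {{ item.name }}.block"
          loop: "{{ global_channels }}"
          when: org in item.particapants

        - name: Changing ownership of channel block files
          raw: >-
            docker exec "cli.{{ org }}.{{ global_domain }}"
            bash -c "chown -R {{ ansible_user_uid }}:{{ ansible_user_gid }} ."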