Hyperledger fabric2.4 fabric-SDK-GO开发

甘学潞
2023-12-01

在实际部署时,一般将Fabric SDK作为API的提供者,为上层应用或对外服务提供Fabric区块链网络底层服务。Fabric SDK本质是一个Fabric基础对象,功能的封装集合和客户端框架实现,旨在方便开发人员快速开发出符合产品业务需求的服务模块。

获取 Fabric 和 Fabric CA 的客户端 SDK 包,SDK 文档可以在GoDoc中查看:

go get github.com/hyperledger/fabric-sdk-go

下面使用sdk实现创建通道,加入通道,打包链码,安装链码,升级链码等功能。

1. 基本工作流程

  1. 使用配置实例化一个 fabsdk 实例。注意:fabsdk 维护缓存,因此您应该最小化 fabsdk 本身的实例。
  2. 使用您的 fabsdk 实例基于用户和组织创建上下文。注意:通道上下文还需要通道 ID。
  3. 使用它的 New func 创建一个客户端实例,传递上下文。注意:您为所需的每个上下文创建一个新的客户端实例。
  4. 使用每个客户提供的功能来创建您的解决方案!
  5. 调用 fabsdk.Close() 释放资源和缓存。

2. config.yaml配置文件

配置文件包含client(客户端)、channels(通道)、organizations(组织)、orderers(排序节点列表)、peers(peer列表)、entityMatchers(实例匹配器)六部分信息。
其中client表示当前客户端信息,包含所属组织、密钥和证书文件的路径等, 这是每个client专用的信息。其余部分为fabric网络结构的信息,这些结构信息应当与configytx.yaml中是一致的。这是通用配置,每个客户端都可以拿来使用。另外,这部分信息并不需要是完整fabric网络信息,如果当前client只和部分节点交互,那配置文件中只需要包含所使用到的网络信息。

version: 0.0.0

client:

 organization: org1

 logging:
   level: info

 cryptoconfig:
   path: ./fixtures/crypto-config

 credentialStore:

   path: "/tmp/state-store"

   cryptoStore:
     # Specific to the underlying KeyValueStore that backs the crypto key store.
     path: /tmp/msp

 BCCSP:
   security:
     enabled: true
     default:
       provider: "SW"
     hashAlgorithm: "SHA2"
     softVerify: true
     level: 256

 tlsCerts:
   # [Optional]. Use system certificate pool when connecting to peers, orderers (for negotiating TLS) Default: false
   systemCertPool: true

   # [Optional]. Client key and cert for TLS handshake with peers and orderers
   client:
     key:
       path: ./fixtures/crypto-config/peerOrganizations/org1.maakees.com/users/User1@org1.maakees.com/tls/client.key
     cert:
       path: ./fixtures/crypto-config/peerOrganizations/org1.maakees.com/users/User1@org1.maakees.com/tls/client.crt


channels:
 # multi-org test channel
 mychannel:
   peers:
     peer0.org1.maakees.com:
       endorsingPeer: true
       chaincodeQuery: true
       ledgerQuery: true
       eventSource: true
     peer.org1.maakees.com:
       endorsingPeer: true
       chaincodeQuery: true
       ledgerQuery: true
       eventSource: true

   policies:
     queryChannelConfig:
       minResponses: 1
       maxTargets: 1
       retryOpts:
         attempts: 5
         initialBackoff: 500ms
         maxBackoff: 5s
         backoffFactor: 2.0
#
# list of participating organizations in this network
#
organizations:
 org1:
   mspid: Org1MSP

   # This org's MSP store (absolute path or relative to client.cryptoconfig)
   cryptoPath: ./fixtures/crypto-config/peerOrganizations/org1.maakees.com/users/{username}@org1.maakees.com/msp

   peers:
     - peer0.org1.maakees.com
     - peer1.org1.maakees.com
   # failed to create resmgmt client due to context error: user not found
   users:
     Admin:
       cert:
         path: ./fixtures/crypto-config/peerOrganizations/org1.maakees.com/users/Admin@org1.maakees.com/msp/signcerts/Admin@org1.maakees.com-cert.pem
       key:
         path: ./fixtures/crypto-config/peerOrganizations/org1.maakees.com/users/Admin@org1.maakees.com/msp/keystore/priv_sk
     User1:
       cert:
         path: ./fixtures/crypto-config/peerOrganizations/org1.maakees.com/users/User1@org1.maakees.com/msp/signcerts/User1@org1.maakees.com-cert.pem
       key:
         path: ./fixtures/crypto-config/peerOrganizations/org1.maakees.com/users/User1@org1.maakees.com/msp/keystore/priv_sk

 # Orderer Org name
 ordererorg:
   # Membership Service Provider ID for this organization
   mspID: OrdererMSP

   # Needed to load users crypto keys and certs for this org (absolute path or relative to global crypto path, DEV mode)
   cryptoPath: ./fixtures/crypto-config/ordererOrganizations/maakees.com/users/Admin@maakees.com/msp
   # failed to create resmgmt client due to context error: user not found
   users:
     Admin:
       cert:
         path: ./fixtures/crypto-config/ordererOrganizations/maakees.com/users/Admin@maakees.com/msp/signcerts/Admin@maakees.com-cert.pem
       key:
         path: ./fixtures/crypto-config/ordererOrganizations/maakees.com/users/Admin@maakees.com/msp/keystore/priv_sk
#
# List of orderers to send transaction and channel create/update requests to. For the time
# being only one orderer is needed. If more than one is defined, which one get used by the
# SDK is implementation specific. Consult each SDK's documentation for its handling of orderers.
#
orderers:

 orderer.example.com:
   # [Optional] Default: Infer from hostname
   url: localhost:7050

   # these are standard properties defined by the gRPC library
   # they will be passed in as-is to gRPC client constructor
   grpcOptions:
     ssl-target-name-override: orderer0.maakees.com
     # These parameters should be set in coordination with the keepalive policy on the server,
     # as incompatible settings can result in closing of connection.
     # When duration of the 'keep-alive-time' is set to 0 or less the keep alive client parameters are disabled
     keep-alive-time: 0s
     keep-alive-timeout: 20s
     keep-alive-permit: false
     fail-fast: false
     # allow-insecure will be taken into consideration if address has no protocol defined, if true then grpc or else grpcs
     allow-insecure: false

   tlsCACerts:
     # Certificate location absolute path
     path: ./fixtures/crypto-config/ordererOrganizations/maakees.com/tlsca/tlsca.maakees.com-cert.pem

#
# List of peers to send various requests to, including endorsement, query
# and event listener registration.
#
peers:
 peer0.org1.maakees.com:
   # this URL is used to send endorsement and query requests
   # [Optional] Default: Infer from hostname
   url: localhost:7051
   grpcOptions:
     ssl-target-name-override: peer0.org1.maakees.com
     # These parameters should be set in coordination with the keepalive policy on the server,
     # as incompatible settings can result in closing of connection.
     # When duration of the 'keep-alive-time' is set to 0 or less the keep alive client parameters are disabled
     keep-alive-time: 0s
     keep-alive-timeout: 20s
     keep-alive-permit: false
     fail-fast: false
     # allow-insecure will be taken into consideration if address has no protocol defined, if true then grpc or else grpcs
     allow-insecure: false
   #grpcOptions:
   #  ssl-target-name-override: peer0.org1.example.com

   tlsCACerts:
     # Certificate location absolute path
     path: ./fixtures/crypto-config/peerOrganizations/org1.maakees.com/tlsca/tlsca.org1.maakees.com-cert.pem

 peer1.org1.maakees.com:
   # this URL is used to send endorsement and query requests
   # [Optional] Default: Infer from hostname
   url: peer1.org1.maakees.com:8051
   grpcOptions:
     ssl-target-name-override: peer1.org1.maakees.com
     # These parameters should be set in coordination with the keepalive policy on the server,
     # as incompatible settings can result in closing of connection.
     # When duration of the 'keep-alive-time' is set to 0 or less the keep alive client parameters are disabled
     keep-alive-time: 0s
     keep-alive-timeout: 20s
     keep-alive-permit: false
     fail-fast: false
     # allow-insecure will be taken into consideration if address has no protocol defined, if true then grpc or else grpcs
     allow-insecure: false
   #grpcOptions:
   #  ssl-target-name-override: peer0.org1.example.com

   tlsCACerts:
     # Certificate location absolute path
     path: ./fixtures/crypto-config/peerOrganizations/org1.maakees.com/tlsca/tlsca.org1.maakees.com-cert.pem

#
# Fabric-CA is a special kind of Certificate Authority provided by Hyperledger Fabric which allows
# certificate management to be done via REST APIs. Application may choose to use a standard
# Certificate Authority instead of Fabric-CA, in which case this section would not be specified.
#
entityMatchers:
 peer:
   - pattern: peer0.org1.maakees.(\w+)
     urlSubstitutionExp: localhost:7051
     sslTargetOverrideUrlSubstitutionExp: peer0.org1.maakees.com
     mappedHost: peer0.org1.maakees.com

   - pattern: peer1.org1.maakees.(\w+)
     urlSubstitutionExp: localhost:8051
     sslTargetOverrideUrlSubstitutionExp: peer1.org1.maakees.com
     mappedHost: peer1.org1.maakees.com

 orderer:
   - pattern: (\w+).maakees.(\w+)
     urlSubstitutionExp: localhost:7050
     sslTargetOverrideUrlSubstitutionExp: orderer0.maakees.com
     mappedHost: orderer0.maakees.com

 certificateAuthority:
   - pattern: (\w+).org1.maakees.(\w+)
     urlSubstitutionExp: https://localhost:7054
     sslTargetOverrideUrlSubstitutionExp: ca.org1.maakees.com
     mappedHost: ca.org1.maakees.com

3. 代码示例

3.1 创建SDK实例

  • configFile:配置文件路径
func InitSdk(configFile string) (*fabsdk.FabricSDK) {
	// 通过config.FromFile解析配置文件,然后通过fabsdk.New创建fabric go sdk的入口实例
	sdk, err := fabsdk.New(config.FromFile(configFile))
	if err != nil {
		fmt.Println("初始化fabric sdk失败,error:%v", err)
		os.Exit(-1)
	}
	fmt.Println("Fabric sdk初始化成功!!!")
	return sdk
}

3.2 创建通道

  • channelID:通道名称,例:mychannel
  • channelConfigPath: 通道文件路径,例:./fixtures/channel-artifacts/channel.tx
  • orgName: 组织名称,例:org1
  • orgAdmin:组织用户,Admin
func createChannel(sdk *fabsdk.FabricSDK, channelID, channelConfigPath,orgName,orgAdmin string) {
	signIds := []msp.SigningIdentity{}
	// 为组织创建msp客户端
	orgMspClient, err := mspclient.New(sdk.Context(), mspclient.WithOrg(orgName))
	if err != nil {
		fmt.Errorf("创建组织msp客户端失败,error: %v", err)
		os.Exit(-1)
	}
	// 获取组织签名信息
	signId, err := orgMspClient.GetSigningIdentity(orgAdmin)
	if err != nil {
		fmt.Errorf("GetSigningIdentity error: %v", err)
		os.Exit(-1)
	}
	signIds = append(signIds, signId)
	
	ordererClientContext := sdk.Context(fabsdk.WithUser(initInfo.OrdererAdminUser), fabsdk.WithOrg(initInfo.OrdererOrgName))
	chMgmtClient, err := resmgmt.New(ordererClientContext)
	if err != nil {
		fmt.Errorf("根据orderer节点创建通道管理客户端失败,error: %v", err)
		os.Exit(-1)
	}
	// 保存通道请求的参数
	chreq := resmgmt.SaveChannelRequest{
		ChannelID:         channelID,
		ChannelConfigPath: channelConfigPath,
		SigningIdentities: signIds,
	}
	// 创建通道
	_, err := chMgmtClient.SaveChannel(chreq)
	if err != nil {
		fmt.Errorf("SaveChannel error: %v", err)
		os.Exit(-1)
	}
	fmt.Println("创建通道成功!!!")
}

3.3 加入通道

  • channelID:通道名称,例:mychannel
  • orgName: 组织名称,例:org1
  • orgAdmin:组织用户,Admin
  • ordererEndpoint:排序节点,例:orderer0.example.com
func joinChannel(sdk *fabsdk.FabricSDK, channelID, orgAdmin, orgName, ordererEndpoint string) {
	clientContext := sdk.Context(fabsdk.WithUser(orgAdmin), fabsdk.WithOrg(orgName))
	// 根据组织创建通道管理客户端实例
	orgResMgmt, err := resmgmt.New(clientContext)
	if err != nil {
		fmt.Errorf("创建通道管理客户端失败,error: %v", err)
		os.Exit(-1)
	}
	if err = orgResMgmt.JoinChannel(channelID, resmgmt.WithRetry(retry.DefaultResMgmtOpts), resmgmt.WithOrdererEndpoint(ordererEndpoint)); err != nil {
		fmt.Errorf("%s组织加入通道失败,error: %v", orgName, err)
		os.Exit(-1)
	}
	fmt.Println("组织加入通道成功")
}

3.4 打包链码

  • ccName:链码名称
  • ccVersion:链码版本号
  • ccPath:链码路径
func packageCC(ccName, ccVersion, ccPath string) (string, []byte) {
	label := ccName + "_" + ccVersion
	desc := &lifecycle.Descriptor{
		Path:  ccPath,
		Type:  peer.ChaincodeSpec_GOLANG,
		Label: label,
	}
	ccPkg, err := lifecycle.NewCCPackage(desc)
	if err != nil {
		fmt.Errorf("packageCC error: %v", err)
		os.Exit(-1)
	}
	return label, ccPkg
}

3.5 安装链码

  • sdk: SDK实例
  • label:链码名称
  • ccPkg:安装包
  • orgAdmin:组织管理员
  • orgName:组织名称
func installCC(sdk *fabsdk.FabricSDK, label string, ccPkg []byte, orgAdmin, orgName string)  {
	installCCReq := resmgmt.LifecycleInstallCCRequest{
		Label:   label,
		Package: ccPkg,
	}
	clientContext := sdk.Context(fabsdk.WithUser(orgAdmin), fabsdk.WithOrg(orgName))
	orgResMgmt, _ := resmgmt.New(clientContext)
	if _,err := orgResMgmt.LifecycleInstallCC(installCCReq, resmgmt.WithRetry(retry.DefaultResMgmtOpts)); err != nil {
		fmt.Errorf("LifecycleInstallCC error: %v", err)
		os.Exit(-1)
	}
}

3.6 查询安装的链码

  • orgResMgmt:根据组织创建的资源管理客户端
func queryInstalledCC(orgResMgmt *resmgmt.Client) {
	installedCC, err := orgResMgmt.LifecycleQueryInstalledCC()
	if err != nil {
		fmt.Errorf("LifecycleQueryInstalledCC error: %v", err)
		os.Exit(-1)
	}
	for _, info := range installedCC {
		fmt.Printf("label:%s, packageID:%s",info.Label, info.PackageID)
	}
}

3.7 根据packageID获取链码包

  • packageID:链码包ID
  • orgResMgmt:根据组织创建的资源管理客户端
func getInstalledCCPackage(packageID string, orgResMgmt *resmgmt.Client) {
	if _, err := orgResMgmt.LifecycleGetInstalledCCPackage(packageID); err != nil {
		fmt.Errorf("LifecycleGetInstalledCCPackage error: %v", err)
		os.Exit(-1)
	}
	fmt.Println("LifecycleGetInstalledCCPackage success")
}

3.8 批准链码定义

  • sdk:SDK实例
  • packageID:链码安装包ID
  • ccName:链码名称
  • ccVersion:链码版本号
  • sequence:链码序列号
  • channelID:通道名称
  • orgAdmin:组织管理员
  • orgName:组织名称
  • orgMspID:组织MspID
  • ordererEndpoint: order节点地址
func approveCC(sdk *fabsdk.FabricSDK, packageID, ccName, ccVersion string, sequence int64, channelID string, orgAdmin, orgName, orgMspID, ordererEndpoint string) {
	mspIDs := []string{}
	mspIDs = append(mspIDs, orgMspID)
	ccPolicy := policydsl.SignedByNOutOfGivenRole(int32(len(mspIDs)), mb.MSPRole_MEMBER, mspIDs)
	approveCCReq := resmgmt.LifecycleApproveCCRequest{
		Name:              ccName,
		Version:           ccVersion,
		PackageID:         packageID,
		Sequence:          sequence,
		EndorsementPlugin: "escc",
		ValidationPlugin:  "vscc",
		SignaturePolicy:   ccPolicy,
		InitRequired:      true,
	}
	orgClientContext := sdk.Context(fabsdk.WithUser(orgAdmin), fabsdk.WithOrg(orgName))
	ctx, err := context.NewLocal(orgClientContext)
	orgPeers, err := ctx.LocalDiscoveryService().GetPeers()
	if err != nil {
		fmt.Errorf("GetPeers error: %v", err)
		os.Exit(-1)
	}
	orgResMgmt,_ := resmgmt.New(orgClientContext)
	if _, err := orgResMgmt.LifecycleApproveCC(channelID, approveCCReq, resmgmt.WithTargets(orgPeers...), resmgmt.WithOrdererEndpoint(ordererEndpoint), resmgmt.WithRetry(retry.DefaultResMgmtOpts)); err != nil {
		fmt.Errorf("LifecycleApproveCC error: %v", err)
		os.Exit(-1)
	}
	fmt.Errorf("LifecycleApproveCC success")
}

3.9 查询批准的链码

  • sdk:SDK实例
  • ccName:链码名称
  • sequence:序列号
  • channelID:通道ID
  • orgAdmin:组织管理员
  • orgName:组织名称
func queryApprovedCC(sdk *fabsdk.FabricSDK,ccName string, sequence int64, channelID string, orgAdmin, orgName string) {
	queryApprovedCCReq := resmgmt.LifecycleQueryApprovedCCRequest{
		Name:     ccName,
		Sequence: sequence,
	}
	orgClientContext := sdk.Context(fabsdk.WithUser(orgAdmin), fabsdk.WithOrg(orgName))
	ctx, _ := context.NewLocal(orgClientContext)
	orgResMgmt,_ := resmgmt.New(orgClientContext)
	orgPeers, _ := ctx.LocalDiscoveryService().GetPeers()
	for _, p := range orgPeers {
		resp, err := orgResMgmt.LifecycleQueryApprovedCC(channelID, queryApprovedCCReq, resmgmt.WithTargets(p))
		if err != nil {
			fmt.Errorf("LifecycleQueryApprovedCC returned error: %v", err)
		}
		fmt.Println(resp.Name)
	}
}

3.10 检查链码是否已准备好在通道上提交

  • sdk:SDK实例
  • ccName:链码名称
  • ccVersion:链码版本号
  • sequence:链码序列号
  • channelID:通道名称
  • orgAdmin:组织管理员
  • orgName:组织名称
  • orgMspID:组织MspID
func checkCCCommitReadiness(sdk *fabsdk.FabricSDK,ccName, ccVersion string, sequence int64, channelID string, orgAdmin, orgName, orgMspID string) {
	mspIds := []string{"orgMspID"}
	ccPolicy := policydsl.SignedByNOutOfGivenRole(int32(len(mspIds)), mb.MSPRole_MEMBER, mspIds)
	req := resmgmt.LifecycleCheckCCCommitReadinessRequest{
		Name:    ccName,
		Version: ccVersion,
		EndorsementPlugin: "escc",
		ValidationPlugin:  "vscc",
		SignaturePolicy:   ccPolicy,
		Sequence:          sequence,
		InitRequired:      true,
	}
	orgClientContext := sdk.Context(fabsdk.WithUser(orgAdmin), fabsdk.WithOrg(orgName))
	ctx, _ := context.NewLocal(orgClientContext)
	orgResMgmt,_ := resmgmt.New(orgClientContext)
	orgPeers, _ := ctx.LocalDiscoveryService().GetPeers()
	for _, p := range orgPeers {
		resp, err := orgResMgmt.LifecycleCheckCCCommitReadiness(channelID, req, resmgmt.WithTargets(p))
		if err != nil {
			fmt.Errorf("LifecycleCheckCCCommitReadiness error: %v", err)
			os.Exit(-1)
		}
		for _, r := range resp.Approvals {
			if !r {
				fmt.Errorf("链码未就绪")
				os.Exit(-1)
			}
		}
	}
	fmt.Errorf("LifecycleCheckCCCommitReadiness success")
}

3.11 提交链码定义到通道

  • sdk:SDK实例
  • ccName:链码名称
  • ccVersion:链码版本号
  • sequence:链码序列号
  • channelID:通道名称
  • orgAdmin:组织管理员
  • orgName:组织名称
  • orgMspID:组织MspID
func commitCC(ccName, ccVersion string, sequence int64, channelID string, orgs appConf.OrgsConfig, orgAdmin, orgName, orgMspID, ordererEndpoint string) {
	mspIDs := []string{"orgMspID"}
	ccPolicy := policydsl.SignedByNOutOfGivenRole(int32(len(mspIDs)), mb.MSPRole_MEMBER, mspIDs)

	req := resmgmt.LifecycleCommitCCRequest{
		Name:              ccName,
		Version:           ccVersion,
		Sequence:          sequence,
		EndorsementPlugin: "escc",
		ValidationPlugin:  "vscc",
		SignaturePolicy:   ccPolicy,
		InitRequired:      true,
	}
	
	orgClientContext := sdk.Context(fabsdk.WithUser(orgAdmin), fabsdk.WithOrg(orgName))
	orgResMgmt,_ := resmgmt.New(orgClientContext)
	_, err := orgResMgmt.LifecycleCommitCC(channelID, req, resmgmt.WithOrdererEndpoint(ordererEndpoint), resmgmt.WithRetry(retry.DefaultResMgmtOpts))
	if err != nil {
		fmt.Errorf("LifecycleCommitCC error: %v", err)
		os.Exit(-1)
	}
	fmt.Errorf("LifecycleCommitCC success")
}

3.12 初始化链码

  • ccName:链码名称
  • orgName:组织名称
  • orgUser:组织用户
func InitCC(ccName,orgName,orgUser string) {
	clientChannelContext := sdk.ChannelContext(channelID, fabsdk.WithUser(orgUser), fabsdk.WithOrg(orgName))
	client, err := channel.New(clientChannelContext)
	_, err := client.Execute(channel.Request{ChaincodeID: ccName, Fcn: "Init", Args: nil, IsInit: true},
		channel.WithRetry(retry.DefaultChannelOpts))
	if err != nil {
		fmt.Errorf("Failed to initcc: %s", err)
		os.Exit(-1)
	}
	fmt.Println("合约初始化成功 !!!")
}

3.12 链码升级

升级链码与部署链码的生命周期相同:

  1. 重新打包链码
  2. 在peer 节点上安装新的链码包
  3. 批准新的链码定义
  4. 提交链码定义到通道

Fabric 链码在链码定义中使用 sequence 来跟踪升级。所有的通道成员需要把序列号加一并且同意新的定义来升级链码。

 类似资料: