I hope someone could help me with the following problem.
I am using Amazon Managed Blockchain with the framework Hyperledge Fabric v1.4 and I followed this documentation https://docs.aws.amazon.com/managed-blockchain/latest/hyperledger-fabric-dev/get-started-create-channel.html.
This is the error I get when I try to create the channel with that command line:
Command line:
docker exec cli peer channel create -c mychannel -f /opt/home/mychannel.pb -o $ORDERER --cafile /opt/home/managedblockchain-tls-chain.pem --tls
Error:
2022-01-17 10:34:47.356 UTC [channelCmd] InitCmdFactory -> INFO 001 Endorser and orderer connections initialized
Error: got unexpected status: BAD_REQUEST -- error validating channel creation transaction for new channel 'mychannel', could not succesfully apply update to template configuration: error authorizing update: error validating DeltaSet: policy for [Group] /Channel/Application not satisfied: implicit policy evaluation failed - 0 sub-policies were satisfied, but this policy requires 1 of the 'Admins' sub-policies to be satisfied
The admin certificate is in a folder "admin-msp".
My configxt.yaml (I did not get any error executing a previous step with "docker exec cli configtxgen -outputCreateChannelTx /opt/home/mychannel.pb -profile OneOrgChannel -channelID mychannel --configPath /opt/home/"):
Organizations:
- &Org1
Name: m-Q37N3LRUKNFDXBZ7GARMYFBYIE
ID: m-Q37N3LRUKNFDXBZ7GARMYFBYIE
Policies: &Org1Policies
Readers:
Type: Signature
Rule: "OR('Org1.member')"
# If your MSP is configured with the new NodeOUs, you might
# want to use a more specific rule like the following:
# Rule: "OR('Org1.admin', 'Org1.peer', 'Org1.client')"
Writers:
Type: Signature
Rule: "OR('Org1.member')"
# If your MSP is configured with the new NodeOUs, you might
# want to use a more specific rule like the following:
# Rule: "OR('Org1.admin', 'Org1.client')"
Admins:
Type: Signature
Rule: "OR('Org1.admin')"
# MSPDir is the filesystem path which contains the MSP configuration.
MSPDir: /opt/home/admin-msp
# AnchorPeers defines the location of peers which can be used for
# cross-org gossip communication. Note, this value is only encoded in
# the genesis block in the Application section context.
AnchorPeers:
- Host: 127.0.0.1
Port: 7051
Capabilities:
Channel: &ChannelCapabilities
V1_4_3: true
V1_3: false
V1_1: false
Orderer: &OrdererCapabilities
V1_4_2: true
V1_1: false
Application: &ApplicationCapabilities
V1_4_2: true
V1_3: false
V1_2: false
V1_1: false
Channel: &ChannelDefaults
Policies:
# Who may invoke the 'Deliver' API
Readers:
Type: ImplicitMeta
Rule: "ANY Readers"
# Who may invoke the 'Broadcast' API
Writers:
Type: ImplicitMeta
Rule: "ANY Writers"
# By default, who may modify elements at this config level
Admins:
Type: ImplicitMeta
Rule: "MAJORITY Admins"
Capabilities:
<<: *ChannelCapabilities
Application: &ApplicationDefaults
Policies: &ApplicationDefaultPolicies
LifecycleEndorsement:
Type: ImplicitMeta
Rule: "ANY Readers"
Endorsement:
Type: ImplicitMeta
Rule: "ANY Readers"
Readers:
Type: ImplicitMeta
Rule: "ANY Readers"
Writers:
Type: ImplicitMeta
Rule: "ANY Writers"
Admins:
Type: ImplicitMeta
Rule: "MAJORITY Admins"
Capabilities:
<<: *ApplicationCapabilities
Profiles:
OneOrgChannel:
<<: *ChannelDefaults
Consortium: AWSSystemConsortium
Application:
<<: *ApplicationDefaults
Organizations:
- <<: *Org1
My docker-compose-cli.yaml file:
version: '2'
services:
cli:
container_name: cli
image: hyperledger/fabric-tools:1.4
tty: true
environment:
- GOPATH=/opt/gopath
- CORE_VM_ENDPOINT=unix:///host/var/run/docker.sock
- FABRIC_LOGGING_SPEC=info # Set logging level to debug for more verbose logging
- CORE_PEER_ID=cli
- CORE_CHAINCODE_KEEPALIVE=10
- CORE_PEER_TLS_ENABLED=true
- CORE_PEER_TLS_ROOTCERT_FILE=/opt/home/managedblockchain-tls-chain.pem
- CORE_PEER_LOCALMSPID=$Member
- CORE_PEER_MSPCONFIGPATH=/opt/home/admin-msp
- CORE_PEER_ADDRESS=$MyPeerNodeEndpoint
working_dir: /opt/gopath/src/github.com/hyperledger/fabric/peer
command: /bin/bash
volumes:
- /var/run/:/host/var/run/
- /home/ec2-user/fabric-samples/chaincode:/opt/gopath/src/github.com/
- /home/ec2-user:/opt/home
Thanks in advance :).
Related
When i run App.spec file for aws ECS blue green deployment the error is coming : "The deployment failed because the AppSpec file that specifies the deployment configuration is missing or has an invalid configuration. Failed to parse your appspec file. Please validate your appspec format and try again later." If anyone
knows about this error. Please let me know me.
Validate your AppSpec File
File syntax Validation:
you can use a browser-based tool such as YAML lint http://www.yamllint.com or an Online YAML parser http://yaml-online-parser.appspot.com to help you check your YAML syntax. Most of the time, it would solve your problem.
File Location validation:
Make sure to name your AppSpec File as appspec.yml, To verify that you have placed your AppSpec file in the root directory of the application's source content's directory structure, run one of the following commands:
On local Linux, macOS, or Unix instances:
ls path/to/root/directory/appspec.yml
If the AppSpec file is not located there, a "No such file or directory" error is displayed.
On local Windows instances:
dir path\to\root\directory\appspec.yml
If the AppSpec file is not located there, a "File Not Found" error is displayed.
AppSpec File example for an Amazon ECS deployment
Following is an example of an AppSpec file written in YAML for deploying an Amazon ECS service.
version: 0.0
Resources:
- TargetService:
Type: AWS::ECS::Service
Properties:
TaskDefinition: "arn:aws:ecs:us-east-1:111222333444:task-definition/my-task-definition-family-name:1"
LoadBalancerInfo:
ContainerName: "SampleApplicationName"
ContainerPort: 80
# Optional properties
PlatformVersion: "LATEST"
NetworkConfiguration:
AwsvpcConfiguration:
Subnets: ["subnet-1234abcd","subnet-5678abcd"]
SecurityGroups: ["sg-12345678"]
AssignPublicIp: "ENABLED"
CapacityProviderStrategy:
- Base: 1
CapacityProvider: "FARGATE_SPOT"
Weight: 2
- Base: 0
CapacityProvider: "FARGATE"
Weight: 1
Hooks:
- BeforeInstall: "LambdaFunctionToValidateBeforeInstall"
- AfterInstall: "LambdaFunctionToValidateAfterInstall"
- AfterAllowTestTraffic: "LambdaFunctionToValidateAfterTestTrafficStarts"
- BeforeAllowTraffic: "LambdaFunctionToValidateBeforeAllowingProductionTraffic"
- AfterAllowTraffic: "LambdaFunctionToValidateAfterAllowingProductionTraffic"
AppSpec File example for an Amazon EC2 deployment
See the hooks, which hooks are available and used to do what for a successful deployment.
version: 0.0
os: linux
files:
- source: /
destination: /var/www/html
file_exists_behavior: OVERWRITE
permissions:
- object: /var/www/html
pattern: "**"
owner: root
group: www-data
mode: 644 # gives read and write permissions to the owner of the object (6), read-only permissions to the group (4), and read-only permissions to all other users (4).
# acls:
# - u:deployer:rwx
type:
- file
- object: /var/www/html
pattern: "**"
owner: root
group: www-data
mode: 755 # sets the setuid attribute (4), gives full control permissions to the owner (7), gives read and execute permissions to the group (5), and gives read and execute permissions to all other users (5).
# acls:
# - u:deployer:rwx
type:
- directory
hooks:
BeforeBlockTraffic: # run tasks on instances before they are deregistered from a load balancer.
- location: ./devops/hooks/1_BeforeBlockTraffic.sh
timeout: 300
runas: deployer # we are running codedeploy as non-root user and only the root user has the ability to have runas "su" command without password authentication
# BlockTraffic: # can't be scripted
# - location: ./devops/hooks/2_BlockTraffic.sh
# timeout: 300
# # runas: deployer
AfterBlockTraffic: # run tasks on instances after they are deregistered from a load balancer.
- location: ./devops/hooks/3_AfterBlockTraffic.sh
timeout: 300
runas: deployer
ApplicationStop: # occurs even before the application revision is downloaded
- location: ./devops/hooks/4_ApplicationStop.sh
timeout: 300
runas: root
# DownloadBundle: # can't be scripted
# - location: ./devops/hooks/5_DownloadBundle.sh
# timeout: 300
# runas: deployer
BeforeInstall:
- location: ./devops/hooks/6_BeforeInstall.sh
timeout: 300
runas: root
# Install: # can't be scripted, copies the revision files from the temporary location to the final destination folder.
# - location: ./devops/hooks/7_Install.sh
# timeout: 300
# runas: deployer
AfterInstall:
- location: ./devops/hooks/8_AfterInstall.sh
timeout: 300
# runas: deployer
ApplicationStart:
- location: ./devops/hooks/9_ApplicationStart.sh
timeout: 300
runas: root
ValidateService:
- location: ./devops/hooks/10_ValidateService.sh
timeout: 300
runas: deployer
BeforeAllowTraffic: # run tasks on instances before they are registered with a load balancer.
- location: ./devops/hooks/11_BeforeAllowTraffic.sh
timeout: 300
# runas: deployer
# AllowTraffic: # can't be scripted
# - location: ./devops/hooks/12_AllowTraffic.sh
# timeout: 300
# # runas: deployer
AfterAllowTraffic: # run tasks on instances after they are registered with a load balancer.
- location: ./devops/hooks/13_AfterAllowTraffic.sh
timeout: 300
# runas: deployer
I have serverless_common.yml file for all shared things across all my lambdas and I have serverless.yml in my individual service when I try to import package.patterns in to my individual service yml file I get following error when I do sls print
Serverless Error ----------------------------------------
Configuration error:
at 'functions.app.events[0]': unrecognized property 'enabled'
at 'package.patterns[0]': should be string
Your Environment Information ---------------------------
Operating System: darwin
Node Version: 14.16.1
Framework Version: 2.46.0 (local)
Plugin Version: 5.4.0
SDK Version: 4.2.3
Components Version: 3.12.0
#serverless_common.yml
package:
patterns:
- '!target/**'
- '!tests/**'
- '!test/**'
- '!tools/**'
- '!README.md'
- '!node_modules/.bin/**'
- '!serverless/**'
- '!.*'
#service1/serverless.yml
package:
individually: true
patterns:
- something-specific-to-service1
- ${file(../serverless_common.yml):package.patterns}
functions:
app:
handler: index.handler
name: service1
events:
- schedule: cron(0 09 * * ? *)
enabled: false
serverless_common.yml
/service1
|- package.json
|- index.js
|- serverless.yml
/service2
|- package.json
|- index.js
|- serverless.yml
The errors are warning you that you've got two indentation issues.
The first is in your serverless_common.yml file. The array items should be indented one place further:
#serverless_common.yml
package:
patterns:
- '!target/**'
- '!tests/**'
- '!test/**'
- '!tools/**'
- '!README.md'
- '!node_modules/.bin/**'
- '!serverless/**'
- '!.*'
The second is in your cron expression. The one-line syntax is only if you're not using other arguments. Since you want to pass enabled: false, you'll need to use the multiline syntax:
#service1/serverless.yml
functions:
app:
handler: index.handler
name: service1
events:
- schedule:
rate: cron(0 09 * * ? *)
enabled: false
Unfortunately, the syntax you've chosen won't merge the two arrays. You'll have to reference each item in your array individually, or rewrite your serverless.yml into a serverless.js file, which allows you to be more programmatic.
package:
individually: true
patterns:
- something-specific-to-service1
- ${file(../serverless_common.yml):package.patterns.foo}
- ${file(../serverless_common.yml):package.patterns.bar}
# ... etc
I want to include a template, but it won't work. I know this is somehow a duplicate question, but the other answers don't solve my problem.
Template-File (base.yml)
trigger:
- master
pool: 'Etiscan Windows'
variables:
solution: '**/*.sln'
buildPlatform: 'x86'
buildConfiguration: 'Release'
steps:
- task: NuGetToolInstaller#1
- task: NuGetCommand#2
inputs:
command: 'restore'
restoreSolution: '**/*.sln'
feedsToUse: 'select'
vstsFeed: '76b8ae4e-2263-4849-bfb3-e1f621bf5bd7'
...to be continued....
Azure-Pipelines.yml
resources:
repositories:
- repository: templates
type: git
name: YML-Templates/NugetCfBuilderTemplate
stages:
- stage: Job1
- template: base.yml#templates
Errors
/base.yml#templates (Line: 6, Col: 1): Unexpected value 'trigger'
/base.yml#templates (Line: 9, Col: 1): Unexpected value 'pool'
/base.yml#templates (Line: 11, Col: 1): Unexpected value 'variables'
/base.yml#templates (Line: 16, Col: 1): Unexpected value 'steps'
In the resource, we can also add the trigger, refer doc. Help you modified the yaml, hope this will help:
resources:
repositories:
- repository: templates
type: git
name: YML-Templates/NugetCfBuilderTemplate
trigger:
branches:
include:
- master
stages:
- stage: Job1
- template: base.yml#templates
Note: please remove the trigger in your base.yml file.
Update:
I help you modified your base yaml and here I use the Powershell task to do the test:
stages:
- stage: job1
pool: 'default'
variables:
solution: '**/*.sln'
buildPlatform: 'x86'
buildConfiguration: 'Release'
jobs:
- job: A1
steps:
- task: PowerShell#2
inputs:
targetType: 'inline'
script: |
# Write your PowerShell commands here.
Write-Host "Hello World"
# - task: NuGetToolInstaller#1
# - task: NuGetCommand#2
# inputs:
# command: 'restore'
# restoreSolution: '**/*.sln'
# feedsToUse: 'select'
# vstsFeed: '76b8ae4e-2263-4849-bfb3-e1f621bf5bd7'
Note: Please remove the ' - stage: Job1' from your main yaml file.
Trigger can be defined only at the pipeline level, you cannot set it at the stage level. The stage can only have these children (see YAML schema reference):
stages:
- stage: string # name of the stage (A-Z, a-z, 0-9, and underscore)
displayName: string # friendly name to display in the UI
dependsOn: string | [ string ]
condition: string
variables: # several syntaxes, see specific section
jobs: [ job | templateReference]
You also need to insert a Job containing the steps and move the pool stanza down to Job level.
Hi to all I created and used openAPI by yaml and I created endpoint that maps 2 cloud functions which use path templating to route the call no error by google sdk cli.
Now I call by POST https://myendpointname-3p5hncu3ha-ew.a.run.app/v1/setdndforrefcli/12588/dnd?key=[apikey] because it's mapped by below open api and reply me "Path does not match any requirement URI template.".
I don't know why path template in endpoint not work I added path_translation: APPEND_PATH_TO_ADDRESS to avoid google to use CONSTANT_ADDRESS default which append id in query string with brutal [name of cloud function]?GETid=12588 and overwrite query parameters with same name.
Somebody can tell me how can I debug the endpoint or the error in openAPI (that have green check ok icon in endpoint)?
# [START swagger]
swagger: '2.0'
info:
description: "Get data "
title: "Cloud Endpoint + GCF"
version: "1.0.0"
host: myendpointname-3p5hncu3ha-ew.a.run.app
# [END swagger]
basePath: "/v1"
#consumes:
# - application/json
#produces:
# - application/json
schemes:
- https
paths:
/setdndforrefcli/{id}/dnd:
post:
summary:
operationId: setdndforrefcli
parameters:
- name: id # is the id parameter in the path
in: path # is the parameter where is in query for rest or path for restful
required: true
type: integer
format: int64
minimum: 1
security:
- api_key: []
x-google-backend:
address: https://REGION-PROJECT-ID.cloudfunctions.net/mycloudfunction
path_translation: APPEND_PATH_TO_ADDRESS
protocol: h2
responses:
'200':
description: A successful response
schema:
type: string
# [START securityDef]
securityDefinitions:
# This section configures basic authentication with an API key.
api_key:
type: "apiKey"
name: "key"
in: "query"
# [END securityDef]
I had the same error, but after did some test I was able to use successfully the path templating (/endpoint/{id}). I resolved this issue as follows:
1 .- gcloud endpoints services deploy openapi-functions.yaml \
--project project
Here you will get a new Service Configuration that you will to use in the next steps.
2.-
chmod +x gcloud_build_image
./gcloud_build_image -s SERVICE \
-c NEWSERVICECONFIGURATION -p project
Its very important change the service configuration with every new deployment of the managed service.
3.- gcloud run deploy SERVICE \
--image="gcr.io/PROJECT/endpoints-runtime-serverless:SERVICE-NEW_SERVICE_CONFIGURATION" \
--allow-unauthenticated \
--platform managed \
--project=PROJECT
I try to deploy simple example. I didn't change anything except warden.yml file. So, I tried to deploy it to AWS and use elastic IP, so I can access the server with specific IP.
When I deploy it I receive:
Director task 67
Deprecation: Ignoring cloud config. Manifest contains 'networks' section.
Started preparing deployment > Preparing deployment. Done (00:00:00)
Started preparing package compilation > Finding packages to compile. Done (00:00:00)
Started creating missing vms > webapp/3a8acd3a-77a8-4bad-8de4-fb544d70f76d (0). Failed: Unknown CPI error 'InvalidCall' with message 'Arguments are not correct, details: 'expected string value for member 1 of key values of member 1 of option filters'' in 'create_vm' CPI method (00:00:05)
Error 100: Unknown CPI error 'InvalidCall' with message 'Arguments are not correct, details: 'expected string value for member 1 of key values of member 1 of option filters'' in 'create_vm' CPI method
What is the reason of this error?
warden.yml
name: webapp-warden
director_uuid: <%= `bosh status --uuid` %>
releases:
- name: simple-bosh-release
version: latest
compilation:
workers: 1
network: webapp-network
reuse_compilation_vms: true
cloud_properties:
instance_type: t2.medium
availability_zone: us-west-2a
update:
canaries: 1
canary_watch_time: 30000-240000
update_watch_time: 30000-600000
max_in_flight: 3
resource_pools:
- name: common-resource-pool
network: webapp-network
size: 1
stemcell:
name: bosh-aws-xen-ubuntu-trusty-go_agent
version: latest
cloud_properties:
instance_type: t2.medium
availability_zone: us-west-2a
networks:
- name: webapp-network
type: vip
cloud_properties:
security_groups:
- default
# cloud_properties:
# subnet: subnet-87d256ce
- name: default
type: dynamic
cloud_properties:
security_groups:
- default
jobs:
- name: webapp
template: webapp
instances: 1
resource_pool: common-resource-pool
networks:
- name: webapp-network
static_ips:
- 52.40.58.163
- name: default
default: [dns, gateway]
properties:
webapp:
admin: foo#bar.com
servername: 52.40.58.163
This error is coming because there is an missing properties in network configuration. Provides the subnet id and try it. it will work.