From e90058962fd9fdfcc56f0340c48081c476dbea03 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Waldemar=20=C5=BBurowski?=
<45210402+wzur-r3@users.noreply.github.com>
Date: Tue, 11 Feb 2020 11:57:51 +0000
Subject: [PATCH 1/5] Updating Artifactory URLs for Corda OS (#5930) (#5939)
* Switching Artifactory URLs from obsolete ci-artifactory to software.r3.com
---
build.gradle | 4 ++--
docker/src/bash/example-mini-network.sh | 6 +++---
docs/source/network-builder.rst | 4 ++--
docs/source/node-upgrade-notes.rst | 2 +-
docs/source/testnet-explorer-corda.rst | 6 +++---
5 files changed, 11 insertions(+), 11 deletions(-)
diff --git a/build.gradle b/build.gradle
index 40307aacdd..b3ed0c016d 100644
--- a/build.gradle
+++ b/build.gradle
@@ -110,7 +110,7 @@ buildscript {
ext.artifactory_plugin_version = constants.getProperty('artifactoryPluginVersion')
ext.hikari_version = '3.3.1'
ext.liquibase_version = '3.6.3'
- ext.artifactory_contextUrl = 'https://ci-artifactory.corda.r3cev.com/artifactory'
+ ext.artifactory_contextUrl = 'https://software.r3.com/artifactory'
ext.snake_yaml_version = constants.getProperty('snakeYamlVersion')
ext.docker_compose_rule_version = '0.35.0'
ext.selenium_version = '3.141.59'
@@ -157,7 +157,7 @@ buildscript {
url 'https://kotlin.bintray.com/kotlinx'
}
maven {
- url "https://ci-artifactory.corda.r3cev.com/artifactory/corda-dependencies-dev"
+ url "$artifactory_contextUrl/corda-dependencies-dev"
}
maven {
url "$artifactory_contextUrl/corda-releases"
diff --git a/docker/src/bash/example-mini-network.sh b/docker/src/bash/example-mini-network.sh
index 15e4e2ca82..5c10d56504 100755
--- a/docker/src/bash/example-mini-network.sh
+++ b/docker/src/bash/example-mini-network.sh
@@ -7,9 +7,9 @@ DOCKER_IMAGE_VERSION="corda-zulu-4.4-snapshot"
mkdir cordapps
rm -f cordapps/*
-wget -O cordapps/finance-contracts.jar https://ci-artifactory.corda.r3cev.com/artifactory/list/corda-dev/net/corda/corda-finance-contracts/${CORDAPP_VERSION}/corda-finance-contracts-${CORDAPP_VERSION}.jar
-wget -O cordapps/finance-workflows.jar https://ci-artifactory.corda.r3cev.com/artifactory/list/corda-dev/net/corda/corda-finance-workflows/${CORDAPP_VERSION}/corda-finance-workflows-${CORDAPP_VERSION}.jar
-wget -O cordapps/confidential-identities.jar https://ci-artifactory.corda.r3cev.com/artifactory/list/corda-dev/net/corda/corda-confidential-identities/${CORDAPP_VERSION}/corda-confidential-identities-${CORDAPP_VERSION}.jar
+wget -O cordapps/finance-contracts.jar https://software.r3.com/artifactory/list/corda-dev/net/corda/corda-finance-contracts/${CORDAPP_VERSION}/corda-finance-contracts-${CORDAPP_VERSION}.jar
+wget -O cordapps/finance-workflows.jar https://software.r3.com/artifactory/list/corda-dev/net/corda/corda-finance-workflows/${CORDAPP_VERSION}/corda-finance-workflows-${CORDAPP_VERSION}.jar
+wget -O cordapps/confidential-identities.jar https://software.r3.com/artifactory/list/corda-dev/net/corda/corda-confidential-identities/${CORDAPP_VERSION}/corda-confidential-identities-${CORDAPP_VERSION}.jar
rm keystore
diff --git a/docs/source/network-builder.rst b/docs/source/network-builder.rst
index 1629920948..168888ee21 100644
--- a/docs/source/network-builder.rst
+++ b/docs/source/network-builder.rst
@@ -16,7 +16,7 @@ Unlike the official image, a `node.conf` file and CorDapps are embedded into the
More backends may be added in future. The tool is open source, so contributions to add more
destinations for the containers are welcome!
-`Download the Corda Network Builder <https://ci-artifactory.corda.r3cev.com/artifactory/corda-releases/net/corda/corda-tools-network-builder/|corda_version|/corda-tools-network-builder-|corda_version|.jar>`_.
+`Download the Corda Network Builder <https://software.r3.com/artifactory/corda-releases/net/corda/corda-tools-network-builder/|corda_version|/corda-tools-network-builder-|corda_version|.jar>`_.
.. _pre-requisites:
@@ -195,4 +195,4 @@ node has been started correctly, run the following in the previously connected S
Shutting down the nodes
-----------------------
-Run ``docker kill $(docker ps -q)`` to kill all running Docker processes.
\ No newline at end of file
+Run ``docker kill $(docker ps -q)`` to kill all running Docker processes.
diff --git a/docs/source/node-upgrade-notes.rst b/docs/source/node-upgrade-notes.rst
index d6c0da05b4..8830eb9bef 100644
--- a/docs/source/node-upgrade-notes.rst
+++ b/docs/source/node-upgrade-notes.rst
@@ -50,7 +50,7 @@ for further information.
Step 4. Replace ``corda.jar`` with the new version
--------------------------------------------------
-Download the latest version of Corda from `our Artifactory site <https://ci-artifactory.corda.r3cev.com/artifactory/webapp/#/artifacts/browse/simple/General/corda/net/corda/corda-node>`_.
+Download the latest version of Corda from `our Artifactory site <https://software.r3.com/artifactory/webapp/#/artifacts/browse/simple/General/corda/net/corda/corda-node>`_.
Make sure it's available on your path, and that you've read the :doc:`release-notes`, in particular to discover what version of Java this
node requires.
diff --git a/docs/source/testnet-explorer-corda.rst b/docs/source/testnet-explorer-corda.rst
index e0fdbc2fd4..e62452253f 100644
--- a/docs/source/testnet-explorer-corda.rst
+++ b/docs/source/testnet-explorer-corda.rst
@@ -34,8 +34,8 @@ couple of resources.
.. code-block:: bash
- wget https://ci-artifactory.corda.r3cev.com/artifactory/corda-releases/net/corda/corda-finance-contracts/|corda_version|/corda-finance-contracts-|corda_version|.jar
- wget https://ci-artifactory.corda.r3cev.com/artifactory/corda-releases/net/corda/corda-finance-workflows/|corda_version|/corda-finance-workflows-|corda_version|.jar
+ wget https://software.r3.com/artifactory/corda-releases/net/corda/corda-finance-contracts/|corda_version|/corda-finance-contracts-|corda_version|.jar
+ wget https://software.r3.com/artifactory/corda-releases/net/corda/corda-finance-workflows/|corda_version|/corda-finance-workflows-|corda_version|.jar
This is required to run some flows to check your connections, and to issue/transfer cash to counterparties. Copy it to
the Corda installation location:
@@ -70,7 +70,7 @@ couple of resources.
.. code:: bash
- http://ci-artifactory.corda.r3cev.com/artifactory/corda-releases/net/corda/corda-tools-explorer/|corda_version|-corda/corda-tools-explorer-|corda_version|-corda.jar
+ https://software.r3.com/artifactory/corda-releases/net/corda/corda-tools-explorer/|corda_version|-corda/corda-tools-explorer-|corda_version|-corda.jar
.. warning:: This Node Explorer is incompatible with the Corda Enterprise distribution and vice versa as they currently
use different serialisation schemes (Kryo vs AMQP).
From 1705299bde883ddc12eef8d1b5d1e35d4cd1ac8d Mon Sep 17 00:00:00 2001
From: Denis Rekalov <denis.rekalov@r3.com>
Date: Tue, 11 Feb 2020 13:14:34 +0000
Subject: [PATCH 2/5] ENT-4918: Support symbolic link for certificates
directory during node registration
---
.../registration/NetworkRegistrationHelper.kt | 2 +-
.../NetworkRegistrationHelperTest.kt | 18 +++++++++++++++++-
2 files changed, 18 insertions(+), 2 deletions(-)
diff --git a/node/src/main/kotlin/net/corda/node/utilities/registration/NetworkRegistrationHelper.kt b/node/src/main/kotlin/net/corda/node/utilities/registration/NetworkRegistrationHelper.kt
index b01d42ae6d..417012ba3e 100644
--- a/node/src/main/kotlin/net/corda/node/utilities/registration/NetworkRegistrationHelper.kt
+++ b/node/src/main/kotlin/net/corda/node/utilities/registration/NetworkRegistrationHelper.kt
@@ -86,7 +86,7 @@ open class NetworkRegistrationHelper(
* @throws CertificateRequestException if the certificate retrieved by doorman is invalid.
*/
fun generateKeysAndRegister() {
- certificatesDirectory.createDirectories()
+ certificatesDirectory.safeSymbolicRead().createDirectories()
// We need this in case cryptoService and certificateStore share the same KeyStore (for backwards compatibility purposes).
// If we didn't, then an update to cryptoService wouldn't be reflected to certificateStore that is already loaded in memory.
val certStore: CertificateStore = if (cryptoService is BCCryptoService) cryptoService.certificateStore else certificateStore
diff --git a/node/src/test/kotlin/net/corda/node/utilities/registration/NetworkRegistrationHelperTest.kt b/node/src/test/kotlin/net/corda/node/utilities/registration/NetworkRegistrationHelperTest.kt
index a2d9362783..caeacc5b71 100644
--- a/node/src/test/kotlin/net/corda/node/utilities/registration/NetworkRegistrationHelperTest.kt
+++ b/node/src/test/kotlin/net/corda/node/utilities/registration/NetworkRegistrationHelperTest.kt
@@ -12,6 +12,7 @@ import net.corda.core.identity.CordaX500Name
import net.corda.core.internal.CertRole
import net.corda.core.internal.createDirectories
import net.corda.core.internal.div
+import net.corda.core.internal.safeSymbolicRead
import net.corda.core.internal.toX500Name
import net.corda.core.utilities.seconds
import net.corda.node.NodeRegistrationOption
@@ -36,6 +37,7 @@ import org.bouncycastle.pkcs.jcajce.JcaPKCS10CertificationRequest
import org.junit.After
import org.junit.Before
import org.junit.Test
+import java.nio.file.Files
import java.security.PublicKey
import java.security.cert.CertPathValidatorException
import java.security.cert.X509Certificate
@@ -204,6 +206,20 @@ class NetworkRegistrationHelperTest {
}
}
+ @Test(timeout=300_000)
+ fun `successful registration with symbolic link for certificates directory`() {
+ assertThat(config.signingCertificateStore.getOptional()).isNull()
+ assertThat(config.p2pSslOptions.keyStore.getOptional()).isNull()
+ assertThat(config.p2pSslOptions.trustStore.getOptional()).isNull()
+
+ val originalCertificatesDirectory = (config.baseDirectory / "certificates2").createDirectories()
+ Files.createSymbolicLink(config.certificatesDirectory, originalCertificatesDirectory)
+
+ val rootAndIntermediateCA = createDevIntermediateCaCertPath().also { saveNetworkTrustStore(CORDA_ROOT_CA to it.first.certificate) }
+
+ createRegistrationHelper(rootAndIntermediateCA = rootAndIntermediateCA).generateKeysAndRegister()
+ }
+
private fun createNodeCaCertPath(type: CertificateType = CertificateType.NODE_CA,
legalName: CordaX500Name = nodeLegalName,
publicKey: PublicKey = Crypto.generateKeyPair(X509Utilities.DEFAULT_TLS_SIGNATURE_SCHEME).public,
@@ -268,7 +284,7 @@ class NetworkRegistrationHelperTest {
* the certificate itself.
*/
private fun saveNetworkTrustStore(vararg trustedCertificates: Pair<String, X509Certificate>) {
- config.certificatesDirectory.createDirectories()
+ config.certificatesDirectory.safeSymbolicRead().createDirectories()
val rootTruststorePath = config.certificatesDirectory / networkRootTrustStoreFileName
X509KeyStore.fromFile(rootTruststorePath, networkRootTrustStorePassword, createNew = true).update {
trustedCertificates.forEach {
From ba002a82ec55ad082d3429797364d5ef0ac22bfd Mon Sep 17 00:00:00 2001
From: Denis Rekalov <denis.rekalov@r3.com>
Date: Tue, 11 Feb 2020 15:13:34 +0000
Subject: [PATCH 3/5] CORDA-3587: hashLookup command help misspelling (#5936)
---
.../java/net/corda/tools/shell/HashLookupShellCommand.java | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/tools/shell/src/main/java/net/corda/tools/shell/HashLookupShellCommand.java b/tools/shell/src/main/java/net/corda/tools/shell/HashLookupShellCommand.java
index 3024d8015a..53b7c147d4 100644
--- a/tools/shell/src/main/java/net/corda/tools/shell/HashLookupShellCommand.java
+++ b/tools/shell/src/main/java/net/corda/tools/shell/HashLookupShellCommand.java
@@ -22,13 +22,13 @@ public class HashLookupShellCommand extends InteractiveShellCommand {
@Man("Checks if a transaction matching a specified Id hash value is recorded on this node.\n\n" +
"This is mainly intended to be used for troubleshooting notarisation issues when a\n" +
"state is claimed to be already consumed by another transaction.\n\n" +
- "Example usage: hash-lookup E470FD8A6350A74217B0A99EA5FB71F091C84C64AD0DE0E72ECC10421D03AAC9"
+ "Example usage: hashLookup E470FD8A6350A74217B0A99EA5FB71F091C84C64AD0DE0E72ECC10421D03AAC9"
)
public void main(@Usage("A hexadecimal SHA-256 hash value representing the hashed transaction Id") @Argument(unquote = false) String txIdHash) {
- logger.info("Executing command \"hash-lookup\".");
+ logger.info("Executing command \"hashLookup\".");
if (txIdHash == null) {
- out.println("Please provide a hexadecimal transaction Id hash value, see 'man hash-lookup'", Decoration.bold, Color.red);
+ out.println("Please provide a hexadecimal transaction Id hash value, see 'man hashLookup'", Decoration.bold, Color.red);
return;
}
From af4d9c48a0cb25f56146dbb7d99b58cbe8c8aca4 Mon Sep 17 00:00:00 2001
From: Thomas Schroeter <thomas.schroeter@r3.com>
Date: Wed, 12 Feb 2020 14:10:26 +0000
Subject: [PATCH 4/5] ENT-4933: Document `notary.etaMessageThresholdSeconds`
(#5948)
* ENT-4933: Document `notary.etaMessageThresholdSeconds`
* Fix typo
---
docs/source/corda-configuration-file.rst | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/docs/source/corda-configuration-file.rst b/docs/source/corda-configuration-file.rst
index ce4ea72763..bfe4c781ce 100644
--- a/docs/source/corda-configuration-file.rst
+++ b/docs/source/corda-configuration-file.rst
@@ -452,6 +452,13 @@ notary
*Default:* not defined
+ etaMessageThresholdSeconds
+ If the wait time estimate on the internal queue exceeds this value, the notary may send
+ a wait time update to the client (implementation specific and dependent on the counter
+ party version).
+
+ *Default:* Implementation dependent
+
raft
*(Experimental)* If part of a distributed Raft cluster, specify this configuration object with the following settings:
From c6ab07d92c847e8d560d4bf771d1d63c4d222eeb Mon Sep 17 00:00:00 2001
From: Razvan Codreanu <52859362+Schife@users.noreply.github.com>
Date: Wed, 12 Feb 2020 14:26:06 +0000
Subject: [PATCH 5/5] TM-197 Fix failing test caused by regression and ignoring
flaky DistributedServiceTests (#5934)
* TM-197 Setting bouncy castle provider in order for the test to pass
* TM-197 setting timeout for all builds at 3 hours
* TM-197 ignoring unstable tests
---
.ci/dev/integration/Jenkinsfile | 5 ++++-
.ci/dev/nightly-regression/Jenkinsfile | 1 +
.ci/dev/regression/Jenkinsfile | 1 +
.ci/dev/smoke/Jenkinsfile | 7 +++++--
.ci/dev/unit/Jenkinsfile | 5 ++++-
Jenkinsfile | 5 ++++-
.../net/corda/coretests/crypto/X509NameConstraintsTest.kt | 4 +++-
.../node/services/distributed/DistributedServiceTests.kt | 3 +++
8 files changed, 25 insertions(+), 6 deletions(-)
diff --git a/.ci/dev/integration/Jenkinsfile b/.ci/dev/integration/Jenkinsfile
index 55632617de..420ad78d2a 100644
--- a/.ci/dev/integration/Jenkinsfile
+++ b/.ci/dev/integration/Jenkinsfile
@@ -6,7 +6,10 @@ killAllExistingBuildsForJob(env.JOB_NAME, env.BUILD_NUMBER.toInteger())
pipeline {
agent { label 'local-k8s' }
- options { timestamps() }
+ options {
+ timestamps()
+ timeout(time: 3, unit: 'HOURS')
+ }
environment {
DOCKER_TAG_TO_USE = "${UUID.randomUUID().toString().toLowerCase().subSequence(0, 12)}"
diff --git a/.ci/dev/nightly-regression/Jenkinsfile b/.ci/dev/nightly-regression/Jenkinsfile
index 97c9ad5f7a..de26a41c90 100644
--- a/.ci/dev/nightly-regression/Jenkinsfile
+++ b/.ci/dev/nightly-regression/Jenkinsfile
@@ -9,6 +9,7 @@ pipeline {
timestamps()
overrideIndexTriggers(false)
buildDiscarder(logRotator(daysToKeepStr: '7', artifactDaysToKeepStr: '7'))
+ timeout(time: 3, unit: 'HOURS')
}
triggers {
pollSCM ignorePostCommitHooks: true, scmpoll_spec: '@midnight'
diff --git a/.ci/dev/regression/Jenkinsfile b/.ci/dev/regression/Jenkinsfile
index 4ee366f70b..ed550bd401 100644
--- a/.ci/dev/regression/Jenkinsfile
+++ b/.ci/dev/regression/Jenkinsfile
@@ -8,6 +8,7 @@ pipeline {
options {
timestamps()
buildDiscarder(logRotator(daysToKeepStr: '7', artifactDaysToKeepStr: '7'))
+ timeout(time: 3, unit: 'HOURS')
}
environment {
diff --git a/.ci/dev/smoke/Jenkinsfile b/.ci/dev/smoke/Jenkinsfile
index cba97312af..05aec41e59 100644
--- a/.ci/dev/smoke/Jenkinsfile
+++ b/.ci/dev/smoke/Jenkinsfile
@@ -5,8 +5,11 @@ killAllExistingBuildsForJob(env.JOB_NAME, env.BUILD_NUMBER.toInteger())
pipeline {
agent { label 'local-k8s' }
- options { timestamps()
- overrideIndexTriggers(false) }
+ options {
+ timestamps()
+ overrideIndexTriggers(false)
+ timeout(time: 3, unit: 'HOURS')
+ }
triggers {
issueCommentTrigger('.*smoke tests.*')
diff --git a/.ci/dev/unit/Jenkinsfile b/.ci/dev/unit/Jenkinsfile
index dd2176ea4e..0b7facd77c 100644
--- a/.ci/dev/unit/Jenkinsfile
+++ b/.ci/dev/unit/Jenkinsfile
@@ -6,7 +6,10 @@ killAllExistingBuildsForJob(env.JOB_NAME, env.BUILD_NUMBER.toInteger())
pipeline {
agent { label 'local-k8s' }
- options { timestamps() }
+ options {
+ timestamps()
+ timeout(time: 3, unit: 'HOURS')
+ }
environment {
DOCKER_TAG_TO_USE = "${UUID.randomUUID().toString().toLowerCase().subSequence(0, 12)}"
diff --git a/Jenkinsfile b/Jenkinsfile
index f7ea019654..fa039b4fdc 100644
--- a/Jenkinsfile
+++ b/Jenkinsfile
@@ -6,7 +6,10 @@ killAllExistingBuildsForJob(env.JOB_NAME, env.BUILD_NUMBER.toInteger())
pipeline {
agent { label 'local-k8s' }
- options { timestamps() }
+ options {
+ timestamps()
+ timeout(time: 3, unit: 'HOURS')
+ }
environment {
DOCKER_TAG_TO_USE = "${env.GIT_COMMIT.subSequence(0, 8)}"
diff --git a/core-tests/src/test/kotlin/net/corda/coretests/crypto/X509NameConstraintsTest.kt b/core-tests/src/test/kotlin/net/corda/coretests/crypto/X509NameConstraintsTest.kt
index 46a941f3f9..98f5e74a18 100644
--- a/core-tests/src/test/kotlin/net/corda/coretests/crypto/X509NameConstraintsTest.kt
+++ b/core-tests/src/test/kotlin/net/corda/coretests/crypto/X509NameConstraintsTest.kt
@@ -12,6 +12,7 @@ import org.bouncycastle.asn1.x509.GeneralSubtree
import org.bouncycastle.asn1.x509.NameConstraints
import org.bouncycastle.jce.provider.BouncyCastleProvider
import org.junit.Test
+import java.security.Security
import java.security.UnrecoverableKeyException
import java.security.cert.CertPathValidator
import java.security.cert.CertPathValidatorException
@@ -93,7 +94,8 @@ class X509NameConstraintsTest {
}
@Test(timeout=300_000)
- fun `x500 name with correct cn and extra attribute`() {
+ fun `x500 name with correct cn and extra attribute`() {
+ Security.addProvider(BouncyCastleProvider())
val acceptableNames = listOf("CN=Bank A TLS, UID=", "O=Bank A")
.map { GeneralSubtree(GeneralName(X500Name(it))) }.toTypedArray()
diff --git a/node/src/integration-test-slow/kotlin/net/corda/node/services/distributed/DistributedServiceTests.kt b/node/src/integration-test-slow/kotlin/net/corda/node/services/distributed/DistributedServiceTests.kt
index 9a6c22ab20..55dcbcfc9f 100644
--- a/node/src/integration-test-slow/kotlin/net/corda/node/services/distributed/DistributedServiceTests.kt
+++ b/node/src/integration-test-slow/kotlin/net/corda/node/services/distributed/DistributedServiceTests.kt
@@ -25,6 +25,7 @@ import net.corda.testing.node.internal.DummyClusterSpec
import net.corda.testing.node.internal.FINANCE_CORDAPPS
import net.corda.testing.node.internal.cordappWithPackages
import org.assertj.core.api.Assertions.assertThat
+import org.junit.Ignore
import org.junit.Test
import rx.Observable
import java.util.*
@@ -81,6 +82,7 @@ class DistributedServiceTests {
}
// TODO This should be in RaftNotaryServiceTests
+ @Ignore
@Test(timeout=300_000)
fun `cluster survives if a notary is killed`() {
setup {
@@ -119,6 +121,7 @@ class DistributedServiceTests {
// TODO Use a dummy distributed service rather than a Raft Notary Service as this test is only about Artemis' ability
// to handle distributed services
+ @Ignore
@Test(timeout=300_000)
fun `requests are distributed evenly amongst the nodes`() {
setup {