From 14387a519ef794e41b85c039e40ddc419fd5967a Mon Sep 17 00:00:00 2001
From: Nicko Guyer <nicko.guyer@kaleido.io>
Date: Tue, 9 Jan 2024 16:32:19 -0500
Subject: [PATCH 1/7] Set group permissions in volumes

Signed-off-by: Nicko Guyer <nicko.guyer@kaleido.io>
---
 internal/core/config.go          |  2 +-
 internal/docker/docker.go        | 19 +++++++++++++++++--
 internal/docker/docker_config.go |  4 ++--
 internal/stacks/stack_manager.go |  5 +++++
 4 files changed, 25 insertions(+), 5 deletions(-)

diff --git a/internal/core/config.go b/internal/core/config.go
index 77c49055..5de196b8 100644
--- a/internal/core/config.go
+++ b/internal/core/config.go
@@ -162,7 +162,7 @@ func getPostgresURL(member *types.Organization) string {
 
 func getSQLitePath(member *types.Organization, runtimeDir string) string {
 	if !member.External {
-		return "/etc/firefly/db/sqlite.db?_busy_timeout=5000"
+		return "/etc/firefly/data/db/sqlite.db?_busy_timeout=5000"
 	} else {
 		return path.Join(runtimeDir, member.ID+".db")
 	}
diff --git a/internal/docker/docker.go b/internal/docker/docker.go
index d95a17ef..24b4fc8c 100644
--- a/internal/docker/docker.go
+++ b/internal/docker/docker.go
@@ -48,11 +48,17 @@ func CreateVolume(ctx context.Context, volumeName string) error {
 
 func CopyFileToVolume(ctx context.Context, volumeName string, sourcePath string, destPath string) error {
 	fileName := path.Base(sourcePath)
-	return RunDockerCommand(ctx, ".", "run", "--rm", "-v", fmt.Sprintf("%s:/source/%s", sourcePath, fileName), "-v", fmt.Sprintf("%s:/dest", volumeName), "alpine", "cp", "-R", path.Join("/", "source", fileName), path.Join("/", "dest", destPath))
+	source := path.Join("/", "source", fileName)
+	dest := path.Join("/", "dest", destPath)
+	// command := fmt.Sprintf("run --rm -v %s:%s -v %s:%s alpine /bin/sh -c 'cp -R %s %s '", sourcePath, source, volumeName, dest, source, dest, dest, dest)
+	command := fmt.Sprintf("cp -R %s %s && chgrp -R 0 %s && chmod -R g+rwX %s", source, dest, dest, dest)
+	return RunDockerCommand(ctx, ".", "run", "--rm", "-v", fmt.Sprintf("%s:%s", sourcePath, source), "-v", fmt.Sprintf("%s:/dest", volumeName), "alpine", "/bin/sh", "-c", command)
 }
 
 func MkdirInVolume(ctx context.Context, volumeName string, directory string) error {
-	return RunDockerCommand(ctx, ".", "run", "--rm", "-v", fmt.Sprintf("%s:/dest", volumeName), "alpine", "mkdir", "-p", path.Join("/", "dest", directory))
+	dest := path.Join("/", "dest", directory)
+	command := fmt.Sprintf("mkdir -p %s && chgrp -R 0 %s && chmod -R g+rwX %s", dest, dest, dest)
+	return RunDockerCommand(ctx, ".", "run", "--rm", "-v", fmt.Sprintf("%s:/dest", volumeName), "alpine", "/bin/sh", "-c", command)
 }
 
 func RemoveVolume(ctx context.Context, volumeName string) error {
@@ -88,6 +94,15 @@ func RunDockerCommand(ctx context.Context, workingDir string, command ...string)
 	return err
 }
 
+func RunDockerCommandLine(ctx context.Context, workingDir string, command string) error {
+	parsedCommand := strings.Split(command, " ")
+	fmt.Println(parsedCommand)
+	dockerCmd := exec.Command("docker", parsedCommand...)
+	dockerCmd.Dir = workingDir
+	_, err := runCommand(ctx, dockerCmd)
+	return err
+}
+
 func RunDockerComposeCommand(ctx context.Context, workingDir string, command ...string) error {
 	switch ctx.Value(CtxComposeVersionKey{}) {
 	case ComposeV1:
diff --git a/internal/docker/docker_config.go b/internal/docker/docker_config.go
index f1ac02ca..a9de7ef8 100644
--- a/internal/docker/docker_config.go
+++ b/internal/docker/docker_config.go
@@ -97,12 +97,12 @@ func CreateDockerCompose(s *types.Stack) *DockerComposeConfig {
 				},
 				Volumes: []string{
 					fmt.Sprintf("%s:/etc/firefly/firefly.core.yml:ro", configFile),
-					fmt.Sprintf("firefly_core_db_%s:/etc/firefly/db", member.ID),
+					fmt.Sprintf("firefly_core_data_%s:/etc/firefly/data", member.ID),
 				},
 				DependsOn: map[string]map[string]string{},
 				Logging:   StandardLogOptions,
 			}
-			compose.Volumes[fmt.Sprintf("firefly_core_db_%s", member.ID)] = struct{}{}
+			compose.Volumes[fmt.Sprintf("firefly_core_data_%s", member.ID)] = struct{}{}
 			compose.Services["firefly_core_"+member.ID].DependsOn["dataexchange_"+member.ID] = map[string]string{"condition": "service_started"}
 			compose.Services["firefly_core_"+member.ID].DependsOn["ipfs_"+member.ID] = map[string]string{"condition": "service_healthy"}
 		}
diff --git a/internal/stacks/stack_manager.go b/internal/stacks/stack_manager.go
index 74791125..356ae7da 100644
--- a/internal/stacks/stack_manager.go
+++ b/internal/stacks/stack_manager.go
@@ -933,6 +933,11 @@ func (s *StackManager) runFirstTimeSetup(options *types.StartOptions) (messages
 			}
 		}
 		s.patchFireFlyCoreConfigs(configDir, member, newConfig)
+
+		// Create data directory with correct permissions inside volume
+		dataVolumeName := fmt.Sprintf("%s_firefly_core_data_%s", s.Stack.Name, member.ID)
+		docker.CreateVolume(s.ctx, dataVolumeName)
+		docker.MkdirInVolume(s.ctx, dataVolumeName, "db")
 	}
 
 	// Re-write the docker-compose config again, in case new values have been added

From 72a6ea203c983e798f7fbf66e3b9bac9c21a5df6 Mon Sep 17 00:00:00 2001
From: Nicko Guyer <nicko.guyer@kaleido.io>
Date: Wed, 10 Jan 2024 10:01:57 -0500
Subject: [PATCH 2/7] EVMConnect levelDB changes for non-root users

Signed-off-by: Nicko Guyer <nicko.guyer@kaleido.io>
---
 .../blockchain/ethereum/connector/evmconnect/config.go   | 2 +-
 .../blockchain/ethereum/connector/evmconnect/docker.go   | 9 ++++-----
 2 files changed, 5 insertions(+), 6 deletions(-)

diff --git a/internal/blockchain/ethereum/connector/evmconnect/config.go b/internal/blockchain/ethereum/connector/evmconnect/config.go
index 48ed4887..4018491f 100644
--- a/internal/blockchain/ethereum/connector/evmconnect/config.go
+++ b/internal/blockchain/ethereum/connector/evmconnect/config.go
@@ -130,7 +130,7 @@ func (e *Evmconnect) GenerateConfig(stack *types.Stack, org *types.Organization,
 		},
 		Persistence: &PersistenceConfig{
 			LevelDB: &LevelDBConfig{
-				Path: "/evmconnect/leveldb",
+				Path: "/evmconnect/data/leveldb",
 			},
 		},
 		FFCore: &FFCoreConfig{
diff --git a/internal/blockchain/ethereum/connector/evmconnect/docker.go b/internal/blockchain/ethereum/connector/evmconnect/docker.go
index eee3ef09..f68800cc 100644
--- a/internal/blockchain/ethereum/connector/evmconnect/docker.go
+++ b/internal/blockchain/ethereum/connector/evmconnect/docker.go
@@ -35,18 +35,17 @@ func (e *Evmconnect) GetServiceDefinitions(s *types.Stack, dependentServices map
 			Service: &docker.Service{
 				Image:         s.VersionManifest.Evmconnect.GetDockerImageString(),
 				ContainerName: fmt.Sprintf("%s_evmconnect_%v", s.Name, i),
-				Command:       "-f /evmconnect/config/config.yaml",
+				Command:       "-f /evmconnect/config.yaml",
 				DependsOn:     dependsOn,
 				Ports:         []string{fmt.Sprintf("%d:%v", member.ExposedConnectorPort, e.Port())},
 				Volumes: []string{
-					fmt.Sprintf("evmconnect_config_%s:/evmconnect/config", member.ID),
-					fmt.Sprintf("evmconnect_leveldb_%s:/evmconnect/leveldb", member.ID),
+					fmt.Sprintf("%s/config/evmconnect_%s.yaml:/evmconnect/config.yaml", s.RuntimeDir, member.ID),
+					fmt.Sprintf("evmconnect_data_%s:/evmconnect/data", member.ID),
 				},
 				Logging: docker.StandardLogOptions,
 			},
 			VolumeNames: []string{
-				fmt.Sprintf("evmconnect_config_%s", member.ID),
-				fmt.Sprintf("evmconnect_leveldb_%s", member.ID),
+				fmt.Sprintf("evmconnect_data_%s", member.ID),
 			},
 		}
 	}

From 8ea90cca1387c0b67d19e92182c481601c771016 Mon Sep 17 00:00:00 2001
From: Nicko Guyer <nicko.guyer@kaleido.io>
Date: Wed, 10 Jan 2024 13:08:24 -0500
Subject: [PATCH 3/7] dataexchange changes for non-root users

Signed-off-by: Nicko Guyer <nicko.guyer@kaleido.io>
---
 internal/blockchain/ethereum/connector/ethconnect/config.go | 4 ++--
 internal/blockchain/ethereum/connector/ethconnect/docker.go | 6 ++----
 internal/stacks/stack_manager.go                            | 1 +
 3 files changed, 5 insertions(+), 6 deletions(-)

diff --git a/internal/blockchain/ethereum/connector/ethconnect/config.go b/internal/blockchain/ethereum/connector/ethconnect/config.go
index 1276c82c..c34f98c2 100644
--- a/internal/blockchain/ethereum/connector/ethconnect/config.go
+++ b/internal/blockchain/ethereum/connector/ethconnect/config.go
@@ -87,8 +87,8 @@ func (e *Ethconnect) GenerateConfig(stack *types.Stack, member *types.Organizati
 				RPC:           &RPC{URL: fmt.Sprintf("http://%s:8545", blockchainServiceName)},
 				OpenAPI: &OpenAPI{
 					EventPollingIntervalSec: 1,
-					StoragePath:             "./abis",
-					EventsDB:                "./events",
+					StoragePath:             "./data/abis",
+					EventsDB:                "./data/events",
 				},
 				HTTP: &HTTP{
 					Port: 8080,
diff --git a/internal/blockchain/ethereum/connector/ethconnect/docker.go b/internal/blockchain/ethereum/connector/ethconnect/docker.go
index 39600c1e..15602860 100644
--- a/internal/blockchain/ethereum/connector/ethconnect/docker.go
+++ b/internal/blockchain/ethereum/connector/ethconnect/docker.go
@@ -40,15 +40,13 @@ func (e *Ethconnect) GetServiceDefinitions(s *types.Stack, dependentServices map
 				Ports:         []string{fmt.Sprintf("%d:8080", member.ExposedConnectorPort)},
 				Volumes: []string{
 					fmt.Sprintf("ethconnect_config_%s:/ethconnect/config", member.ID),
-					fmt.Sprintf("ethconnect_abis_%s:/ethconnect/abis", member.ID),
-					fmt.Sprintf("ethconnect_events_%s:/ethconnect/events", member.ID),
+					fmt.Sprintf("ethconnect_data_%s:/ethconnect/data", member.ID),
 				},
 				Logging: docker.StandardLogOptions,
 			},
 			VolumeNames: []string{
 				fmt.Sprintf("ethconnect_config_%v", member.ID),
-				fmt.Sprintf("ethconnect_abis_%v", member.ID),
-				fmt.Sprintf("ethconnect_events_%v", member.ID),
+				fmt.Sprintf("ethconnect_data_%v", member.ID),
 			},
 		}
 	}
diff --git a/internal/stacks/stack_manager.go b/internal/stacks/stack_manager.go
index 356ae7da..7ed4e8be 100644
--- a/internal/stacks/stack_manager.go
+++ b/internal/stacks/stack_manager.go
@@ -510,6 +510,7 @@ func (s *StackManager) copyDataExchangeConfigToVolumes() error {
 		// Copy files into docker volumes
 		memberDXDir := path.Join(configDir, "dataexchange_"+member.ID)
 		volumeName := fmt.Sprintf("%s_dataexchange_%s", s.Stack.Name, member.ID)
+		docker.MkdirInVolume(s.ctx, volumeName, "data")
 		docker.MkdirInVolume(s.ctx, volumeName, "peer-certs")
 		if err := docker.CopyFileToVolume(s.ctx, volumeName, path.Join(memberDXDir, "config.json"), "/config.json"); err != nil {
 			return err

From 19e8aa54d88074b8aefded22f2de8c193d51a966 Mon Sep 17 00:00:00 2001
From: Nicko Guyer <nicko.guyer@kaleido.io>
Date: Wed, 10 Jan 2024 13:29:09 -0500
Subject: [PATCH 4/7] dataexchange changes for non-root users

Signed-off-by: Nicko Guyer <nicko.guyer@kaleido.io>
---
 internal/stacks/stack_manager.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/internal/stacks/stack_manager.go b/internal/stacks/stack_manager.go
index 7ed4e8be..37aa24d5 100644
--- a/internal/stacks/stack_manager.go
+++ b/internal/stacks/stack_manager.go
@@ -510,7 +510,7 @@ func (s *StackManager) copyDataExchangeConfigToVolumes() error {
 		// Copy files into docker volumes
 		memberDXDir := path.Join(configDir, "dataexchange_"+member.ID)
 		volumeName := fmt.Sprintf("%s_dataexchange_%s", s.Stack.Name, member.ID)
-		docker.MkdirInVolume(s.ctx, volumeName, "data")
+		docker.MkdirInVolume(s.ctx, volumeName, "destinations")
 		docker.MkdirInVolume(s.ctx, volumeName, "peer-certs")
 		if err := docker.CopyFileToVolume(s.ctx, volumeName, path.Join(memberDXDir, "config.json"), "/config.json"); err != nil {
 			return err

From 966766b91408506b685e71a203e0ce6955dae6ac Mon Sep 17 00:00:00 2001
From: Nicko Guyer <nicko.guyer@kaleido.io>
Date: Wed, 10 Jan 2024 13:32:25 -0500
Subject: [PATCH 5/7] dataexchange changes for non-root users

Signed-off-by: Nicko Guyer <nicko.guyer@kaleido.io>
---
 internal/stacks/stack_manager.go | 1 +
 1 file changed, 1 insertion(+)

diff --git a/internal/stacks/stack_manager.go b/internal/stacks/stack_manager.go
index 37aa24d5..2428ec0d 100644
--- a/internal/stacks/stack_manager.go
+++ b/internal/stacks/stack_manager.go
@@ -511,6 +511,7 @@ func (s *StackManager) copyDataExchangeConfigToVolumes() error {
 		memberDXDir := path.Join(configDir, "dataexchange_"+member.ID)
 		volumeName := fmt.Sprintf("%s_dataexchange_%s", s.Stack.Name, member.ID)
 		docker.MkdirInVolume(s.ctx, volumeName, "destinations")
+		docker.MkdirInVolume(s.ctx, volumeName, "peers")
 		docker.MkdirInVolume(s.ctx, volumeName, "peer-certs")
 		if err := docker.CopyFileToVolume(s.ctx, volumeName, path.Join(memberDXDir, "config.json"), "/config.json"); err != nil {
 			return err

From b1c3e57586f0333b7a50030a5ff003c7e272701f Mon Sep 17 00:00:00 2001
From: Nicko Guyer <nicko.guyer@kaleido.io>
Date: Wed, 7 Feb 2024 11:58:20 -0500
Subject: [PATCH 6/7] Upgrade to Fabric 2.5

Signed-off-by: Nicko Guyer <nicko.guyer@kaleido.io>
---
 internal/blockchain/fabric/constants.go       | 6 +++---
 internal/blockchain/fabric/fabric_provider.go | 1 +
 2 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/internal/blockchain/fabric/constants.go b/internal/blockchain/fabric/constants.go
index 43482d9e..6c0599dd 100644
--- a/internal/blockchain/fabric/constants.go
+++ b/internal/blockchain/fabric/constants.go
@@ -16,7 +16,7 @@
 
 package fabric
 
-var FabricToolsImageName = "hyperledger/fabric-tools:2.3"
+var FabricToolsImageName = "hyperledger/fabric-tools:2.5"
 var FabricCAImageName = "hyperledger/fabric-ca:1.5"
-var FabricOrdererImageName = "hyperledger/fabric-orderer:2.3"
-var FabricPeerImageName = "hyperledger/fabric-peer:2.3"
+var FabricOrdererImageName = "hyperledger/fabric-orderer:2.5"
+var FabricPeerImageName = "hyperledger/fabric-peer:2.5"
diff --git a/internal/blockchain/fabric/fabric_provider.go b/internal/blockchain/fabric/fabric_provider.go
index 01fb168d..8182f6fb 100644
--- a/internal/blockchain/fabric/fabric_provider.go
+++ b/internal/blockchain/fabric/fabric_provider.go
@@ -123,6 +123,7 @@ func (p *FabricProvider) FirstTimeSetup() error {
 			"run",
 			"--platform", getDockerPlatform(),
 			"--rm",
+			"-e", "FABRIC_CFG_PATH=/etc/hyperledger/fabric/configtx.yaml",
 			"-v", fmt.Sprintf("%s:/etc/firefly", volumeName),
 			"-v", fmt.Sprintf("%s:/etc/hyperledger/fabric/configtx.yaml", path.Join(blockchainDirectory, "configtx.yaml")),
 			FabricToolsImageName,

From a5a22ff7764326d62d1b73bf5756ab0327e59683 Mon Sep 17 00:00:00 2001
From: Nicko Guyer <nicko.guyer@kaleido.io>
Date: Wed, 28 Feb 2024 12:43:08 -0500
Subject: [PATCH 7/7] Fix fabconnect test

Signed-off-by: Nicko Guyer <nicko.guyer@kaleido.io>
---
 .../blockchain/fabric/fabconnect/client_test.go  | 16 ++++++++--------
 1 file changed, 8 insertions(+), 8 deletions(-)

diff --git a/internal/blockchain/fabric/fabconnect/client_test.go b/internal/blockchain/fabric/fabconnect/client_test.go
index ad749ceb..229db04a 100644
--- a/internal/blockchain/fabric/fabconnect/client_test.go
+++ b/internal/blockchain/fabric/fabconnect/client_test.go
@@ -110,11 +110,11 @@ func TestEnrollIdentity(t *testing.T) {
 			ApiResponse: `
 			{
 				"Name": "fabric_user-1",
-				"Success": "success"
+				"Success": true
 			}`,
 			ExpectedResponse: &EnrollIdentityResponse{
 				Name:    "fabric_user-1",
-				Success: "success",
+				Success: true,
 			},
 		},
 		{
@@ -126,11 +126,11 @@ func TestEnrollIdentity(t *testing.T) {
 			ApiResponse: `
 			{
 				"Name": "fabric_user-2",
-				"Success": "success"
+				"Success": true
 			}`,
 			ExpectedResponse: &EnrollIdentityResponse{
 				Name:    "fabric_user-2",
-				Success: "success",
+				Success: true,
 			},
 		},
 		{
@@ -142,11 +142,11 @@ func TestEnrollIdentity(t *testing.T) {
 			ApiResponse: `
 			{
 				"Name": "fabric_user-3",
-				"Success": "success"
+				"Success": true
 			}`,
 			ExpectedResponse: &EnrollIdentityResponse{
 				Name:    "fabric_user-3",
-				Success: "success",
+				Success: true,
 			},
 		},
 		{
@@ -157,12 +157,12 @@ func TestEnrollIdentity(t *testing.T) {
 			ApiResponse: `
 			{
 			   "Name": "fabric_user-4",
-			   "Success": "success"
+			   "Success": true
 			}   
 			`,
 			ExpectedResponse: &EnrollIdentityResponse{
 				Name:    "fabric_user-4",
-				Success: "success",
+				Success: true,
 			},
 		},
 	}