Try SpotterManage a Hyperledger Fabric organization
Authors: Simon Stone (@sstone1)
preview | supported by community
Install with ansible-galaxy collection install hyperledger.fabric_ansible_collection:==2.0.7
collections:
- name: hyperledger.fabric_ansible_collection
version: 2.0.7Create, update, or delete a Hyperledger Fabric organization.
A Hyperledger Fabric organziation is also known as a Membership Services Provider (MSP).
This module works with the IBM Support for Hyperledger Fabric software or the Hyperledger Fabric Open Source Stack running in a Red Hat OpenShift or Kubernetes cluster.
- name: Create organization from a certificate authority
hyperledger.fabric_ansible_collection.organization:
state: present
api_endpoint: https://console.example.org:32000
api_authtype: basic
api_key: xxxxxxxx
api_secret: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
name: Org1
msp_id: Org1MSP
certificate_authority: Org1 CA
registrar: Org1 CA Admin.json
admins:
- LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0t...
- name: Create organization from certificates
hyperledger.fabric_ansible_collection.organization:
state: present
api_endpoint: https://console.example.org:32000
api_authtype: basic
api_key: xxxxxxxx
api_secret: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
name: Org1
msp_id: Org1MSP
root_certs:
- LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0t...
intermediate_certs:
- LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0t...
tls_root_certs:
- LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0t...
tls_intermediate_certs:
- LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0t...
revocation_list:
- LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0t...
admins:
- LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0t...
- name: Delete organization
hyperledger.fabric_ansible_collection.organization:
state: absent
api_endpoint: https://console.example.org:32000
api_authtype: basic
api_key: xxxxxxxx
api_secret: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
name: Org1
hsm:
description:
- 'The PKCS #11 compliant HSM configuration to use for digital signatures.'
- Only required if the identity specified in I(registrar) was enrolled using an HSM.
suboptions:
label:
description:
- The HSM label that should be used for digital signatures.
type: str
pin:
description:
- The HSM pin that should be used for digital signatures.
type: str
pkcs11library:
description:
- 'The PKCS #11 library that should be used for digital signatures.'
type: str
type: dict
name:
description:
- The name of the organization.
required: true
type: str
state:
choices:
- absent
- present
default: present
description:
- C(absent) - An organization matching the specified name will be stopped and removed.
- C(present) - Asserts that an organization matching the specified name and configuration
exists. If no organization matches the specified name, an organization will be created.
If an organization matches the specified name but the configuration does not match,
then the organization will be updated, if it can be. If it cannot be updated, it
will be removed and re-created with the specified configuration.
type: str
admins:
description:
- The list of administrator certificates for this organization.
- Administrator certificates must be supplied as base64 encoded PEM files.
elements: str
type: list
msp_id:
description:
- The MSP ID for the organization.
- Only required when I(state) is C(present).
type: str
api_key:
description:
- The API key for the Fabric operations console.
required: true
type: str
registrar:
description:
- The identity to use when interacting with the certificate authority. If you want
a CRL (Certificate Revocation List) generated from the certificate authority, you
must supply an identity to use as the registrar.
- You can pass a string, which is the path to the JSON file where the enrolled identity
is stored.
- You can also pass a dict, which must match the result format of one of the M(enrolled_identity_info)
or M(enrolled_identity) modules.
type: raw
api_secret:
description:
- The API secret for the Fabric operations console.
- Only required when I(api_authtype) is C(basic).
type: str
root_certs:
description:
- The list of root certificates for this organization.
- Root certificates must be supplied as base64 encoded PEM files.
elements: str
type: list
api_timeout:
default: 60
description:
- The timeout, in seconds, to use when interacting with the Fabric operations console.
type: int
api_authtype:
description:
- C(basic) - Authenticate to the Fabric operations console using basic authentication.
You must provide both a valid API key using I(api_key) and API secret using I(api_secret).
required: true
type: str
api_endpoint:
description:
- The URL for the Fabric operations console.
required: true
type: str
tls_root_certs:
description:
- The list of TLS root certificates for this organization.
- TLS root certificates must be supplied as base64 encoded PEM files.
elements: str
type: list
fabric_node_ous:
description:
- Configuration specific to the identity classification.
suboptions:
admin_ou_identifier:
description:
- Configuration specific to the admin identity classification.
suboptions:
certificate:
description:
- The root or intermediate certificate for this identity classification.
- Root or intermediate certificates must be supplied as base64 encoded PEM
files.
type: str
organizational_unit_identifier:
default: admin
description:
- The organizational unit (OU) identifier for this identity classification.
type: str
type: dict
client_ou_identifier:
description:
- Configuration specific to the client identity classification.
suboptions:
certificate:
description:
- The root or intermediate certificate for this identity classification.
- Root or intermediate certificates must be supplied as base64 encoded PEM
files.
type: str
organizational_unit_identifier:
default: client
description:
- The organizational unit (OU) identifier for this identity classification.
type: str
type: dict
enable:
default: true
description:
- True if identity classification is enabled for this organization, false otherwise.
type: boolean
orderer_ou_identifier:
description:
- Configuration specific to the orderer identity classification.
suboptions:
certificate:
description:
- The root or intermediate certificate for this identity classification.
- Root or intermediate certificates must be supplied as base64 encoded PEM
files.
type: str
organizational_unit_identifier:
default: orderer
description:
- The organizational unit (OU) identifier for this identity classification.
type: str
type: dict
peer_ou_identifier:
description:
- Configuration specific to the peer identity classification.
suboptions:
certificate:
description:
- The root or intermediate certificate for this identity classification.
- Root or intermediate certificates must be supplied as base64 encoded PEM
files.
type: str
organizational_unit_identifier:
default: peer
description:
- The organizational unit (OU) identifier for this identity classification.
type: str
type: dict
type: dict
revocation_list:
description:
- The list of revoked certificates for this organization.
- Revoked certificates must be supplied as base64 encoded PEM files.
elements: str
type: list
intermediate_certs:
description:
- The list of intermediate certificates for this organization.
- Intermediate certificates must be supplied as base64 encoded PEM files.
elements: str
type: list
certificate_authority:
description:
- The certificate authority to use to build this organization.
- You can pass a string, which is the display name of a certificate authority registered
with the Fabric operations console.
- You can also pass a dictionary, which must match the result format of one of the
M(certificate_authority_info) or M(certificate_authority) modules.
type: raw
tls_intermediate_certs:
description:
- The list of TLS root certificates for this organization.
- TLS intermediate certificates must be supplied as base64 encoded PEM files.
elements: str
type: list
organizational_unit_identifiers:
description:
- The list of organizational unit identifiers for this organization.
elements: dict
suboptions:
certificate:
description:
- The root or intermediate certificate for this organizational unit identifier.
- Root or intermediate certificates must be supplied as base64 encoded PEM files.
type: str
organizational_unit_identifier:
description:
- The organizational unit (OU) identifier.
type: str
type: list
organization:
contains:
admins:
description:
- The list of administrator certificates for this organization.
- Administrator certificates must be supplied as base64 encoded PEM files.
elements: str
sample: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0t...
type: list
fabric_node_ous:
contains:
admin_ou_identifier:
contains:
certificate:
description:
- The root or intermediate certificate for this identity classification.
- Root or intermediate certificates must be supplied as base64 encoded
PEM files.
sample: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0t...
type: str
organizational_unit_identifier:
description:
- The organizational unit (OU) identifier for this identity classification.
sample: admin
type: str
description:
- Configuration specific to the admin identity classification.
type: dict
client_ou_identifier:
contains:
certificate:
description:
- The root or intermediate certificate for this identity classification.
- Root or intermediate certificates must be supplied as base64 encoded
PEM files.
sample: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0t...
type: str
organizational_unit_identifier:
description:
- The organizational unit (OU) identifier for this identity classification.
sample: client
type: str
description:
- Configuration specific to the client identity classification.
type: dict
enable:
description:
- True if identity classification is enabled for this organization, false
otherwise.
sample: true
type: boolean
orderer_ou_identifier:
contains:
certificate:
description:
- The root or intermediate certificate for this identity classification.
- Root or intermediate certificates must be supplied as base64 encoded
PEM files.
sample: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0t...
type: str
organizational_unit_identifier:
description:
- The organizational unit (OU) identifier for this identity classification.
sample: orderer
type: str
description:
- Configuration specific to the orderer identity classification.
type: dict
peer_ou_identifier:
contains:
certificate:
description:
- The root or intermediate certificate for this identity classification.
- Root or intermediate certificates must be supplied as base64 encoded
PEM files.
sample: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0t...
type: str
organizational_unit_identifier:
description:
- The organizational unit (OU) identifier for this identity classification.
sample: peer
type: str
description:
- Configuration specific to the peer identity classification.
type: dict
description:
- Configuration specific to the identity classification.
type: dict
intermediate_certs:
description:
- The list of intermediate certificates for this organization.
- Intermediate certificates must be supplied as base64 encoded PEM files.
elements: str
sample: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0t...
type: list
msp_id:
description:
- The MSP ID for the organization.
sample: Org1MSP
type: str
name:
description:
- The name of the organization.
sample: Org1
type: str
organizational_unit_identifiers:
contains:
certificate:
description:
- The root or intermediate certificate for this organizational unit identifier.
- Root or intermediate certificates must be supplied as base64 encoded PEM
files.
sample: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0t...
type: str
organizational_unit_identifier:
description:
- The organizational unit (OU) identifier.
sample: acctdept
type: str
description:
- The list of organizational unit identifiers for this organization.
elements: dict
type: list
revocation_list:
description:
- The list of revoked certificates for this organization.
- Revoked certificates must be supplied as base64 encoded PEM files.
elements: str
sample: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0t...
type: list
root_certs:
description:
- The list of root certificates for this organization.
- Root certificates must be supplied as base64 encoded PEM files.
elements: str
sample: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0t...
type: list
tls_intermediate_certs:
description:
- The list of TLS root certificates for this organization.
- TLS intermediate certificates must be supplied as base64 encoded PEM files.
elements: str
sample: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0t...
type: list
tls_root_certs:
description:
- The list of TLS root certificates for this organization.
- TLS root certificates must be supplied as base64 encoded PEM files.
elements: str
sample: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0t...
type: list
description:
- The organization.
returned: when I(state) is C(present)
type: dict