From a028aa092692e2aa224cc38883ab649116524698 Mon Sep 17 00:00:00 2001
From: Michal Bajer <michal.bajer@fujitsu.com>
Date: Fri, 4 Aug 2023 17:49:13 +0000
Subject: [PATCH] build(docker-compose): upgrade to docker compose V2

- `quorum-multi-party-all-in-one`: use newest `quorum-quorum-dev-quickstart`,
    update quorum versions to most recent available. Run ledger as `quorum` user
    (required by newer versions). Use docker compose V2 from alpine package registry instead of
    V1 from pip.
- `besu-multi-party-all-in-one`: similar changes as for quorum-multi-party-all-in-on.
    Fix broken besu private transaction tests.
- `fabric-all-in-one`: Use docker compose V2 from alpine package registry instead of V1 from pip.
- `sawtooth-all-in-one`: Use docker compose V2 from alpine package registry instead of V1 from pip.

Closes: #2593
Closes: #2557

Signed-off-by: Michal Bajer <michal.bajer@fujitsu.com>
---
 .../besu-multi-party-all-in-one/Dockerfile    | 69 +++++++++----------
 .../besu-multi-party-all-in-one/README.md     |  4 ++
 .../env-config.ini                            | 22 ++++++
 .../supervisord.conf                          |  4 +-
 .../fabric-all-in-one/Dockerfile_v1.4.x       | 20 +-----
 .../docker/fabric-all-in-one/Dockerfile_v2.x  | 20 +-----
 .../quorum-multi-party-all-in-one/Dockerfile  | 43 ++++++------
 .../quorum-multi-party-all-in-one/README.md   |  4 ++
 .../env-config.ini                            | 22 ++++++
 .../supervisord.conf                          |  2 +
 tools/docker/sawtooth-all-in-one/Dockerfile   | 23 +++----
 tools/docker/sawtooth-all-in-one/README.md    |  3 +-
 12 files changed, 127 insertions(+), 109 deletions(-)
 create mode 100644 tools/docker/besu-multi-party-all-in-one/env-config.ini
 create mode 100644 tools/docker/quorum-multi-party-all-in-one/env-config.ini

diff --git a/tools/docker/besu-multi-party-all-in-one/Dockerfile b/tools/docker/besu-multi-party-all-in-one/Dockerfile
index 60c6ef1de1..cc3d76beb4 100644
--- a/tools/docker/besu-multi-party-all-in-one/Dockerfile
+++ b/tools/docker/besu-multi-party-all-in-one/Dockerfile
@@ -1,32 +1,37 @@
-FROM docker:24.0.2-dind
+################################
+# STAGE 1
+# Setup quorum-dev-quickstart
+################################
 
-ARG BESU_VERSION=21.1.2
-ARG QUORUM_VERSION=21.4.1
-ARG QUORUM_TESSERA_VERSION=21.1.1
-ARG CA_VERSION=1.4.9
+FROM node:18.17.0 AS quorum-dev-quickstart-setup
 
-WORKDIR /
+ENV QUORUM_QUICKSTART_VERSION=0.1.5
+ENV ROOT_DIR=/opt/quorum-dev-quickstart
 
-RUN apk update
+WORKDIR "${ROOT_DIR}"
+RUN npm install -g "quorum-dev-quickstart@${QUORUM_QUICKSTART_VERSION}"
+RUN quorum-dev-quickstart --clientType besu --outputPath ./ --monitoring default --privacy true --orchestrate false
 
-# Install dependencies of Docker Compose
-RUN apk add py-pip python3-dev libffi-dev openssl-dev gcc libc-dev make
+################################
+# STAGE 2
+# docker compose base
+################################
+
+FROM docker:24.0.5-dind
+
+ENV ROOT_DIR=/opt/quorum-dev-quickstart
+
+WORKDIR /
 
-# Install python/pip - We need this because DinD 18.x has Python 2
-# And we cannot upgrade to DinD 19 because of
-# https://github.com/docker-library/docker/issues/170
-ENV PYTHONUNBUFFERED=1
-RUN apk add --update --no-cache python3 && ln -sf python3 /usr/bin/python
-RUN python3 -m ensurepip
-RUN pip3 install --no-cache --upgrade "pip>=21" setuptools
+RUN addgroup -g 1000 quorum \
+  && adduser -u 1000 -G quorum -g docker -s /bin/sh -D quorum \
+  && addgroup docker \
+  && addgroup quorum docker
 
-# Without this the docker-compose installation crashes, complaining about
-# a lack of rust compiler...
-# RUN pip install setuptools_rust
-ENV CRYPTOGRAPHY_DONT_BUILD_RUST=1
+RUN apk update
 
-# Install Docker Compose which is a dependency of Fabric Samples
-RUN pip install docker-compose
+# Install dependencies of Docker Compose
+RUN apk add docker-cli docker-cli-compose curl
 
 # Need git to clone the sources of the Fabric Samples repository from GitHub
 RUN apk add --no-cache git
@@ -50,8 +55,7 @@ RUN apk add --no-cache --update chromium
 
 ENV CACTUS_CFG_PATH=/etc/hyperledger/cactus
 RUN mkdir -p $CACTUS_CFG_PATH
-# OpenSSH - need to have it so we can shell in and install/instantiate contracts
-RUN apk add --no-cache openssh augeas
+RUN apk add --no-cache augeas
 
 # Configure the OpenSSH server we just installed
 RUN augtool 'set /files/etc/ssh/sshd_config/AuthorizedKeysFile ".ssh/authorized_keys /etc/authorized_keys/%u"'
@@ -79,23 +83,16 @@ RUN apk add --no-cache util-linux
 # FIXME - make it so that SSHd does not need this to work
 RUN echo "root:$(uuidgen)" | chpasswd
 
-RUN git clone https://github.com/petermetz/quorum-dev-quickstart.git
-
-WORKDIR /quorum-dev-quickstart
-
-RUN git checkout programmatically-accept-start-args
-
-RUN npm i
-
-RUN npm run build
-
-RUN npm run start -- --elk false --privacy true --clientType besu
+# Copy quorum-dev-quickstart from the base
+COPY --chown=quorum:quorum --from=quorum-dev-quickstart-setup "${ROOT_DIR}" "${ROOT_DIR}"
+WORKDIR "${ROOT_DIR}"
+COPY --chown=quorum:quorum env-config.ini .env
 
 RUN apk add --no-cache supervisor
 RUN apk add --no-cache ncurses
 
 COPY healthcheck.sh /healthcheck.sh
-COPY supervisord.conf /etc/supervisord.conf
+COPY --chown=quorum:quorum supervisord.conf /etc/supervisord.conf
 
 # # Extend the parent image's entrypoint
 # # https://superuser.com/questions/1459466/can-i-add-an-additional-docker-entrypoint-script
diff --git a/tools/docker/besu-multi-party-all-in-one/README.md b/tools/docker/besu-multi-party-all-in-one/README.md
index 53b4c44e11..a970462065 100644
--- a/tools/docker/besu-multi-party-all-in-one/README.md
+++ b/tools/docker/besu-multi-party-all-in-one/README.md
@@ -101,3 +101,7 @@ docker run \
   --publish 25000:25000 \
   cbmpaio
 ```
+
+## Updating the Besu version
+- `env-config.ini` is the configuration file of `quorum-dev-quickstart` npm package (it's copied as `.env` in the container).
+- To use another version of besu ledger update specific variables in `env-config.ini` and build the container.
\ No newline at end of file
diff --git a/tools/docker/besu-multi-party-all-in-one/env-config.ini b/tools/docker/besu-multi-party-all-in-one/env-config.ini
new file mode 100644
index 0000000000..afa0c34b90
--- /dev/null
+++ b/tools/docker/besu-multi-party-all-in-one/env-config.ini
@@ -0,0 +1,22 @@
+# This file defines environment variables defaults for Docker-compose
+# but we also use it for shell scripts as a sourced file
+
+BESU_VERSION=23.4.1
+QUORUM_VERSION=23.4.0
+TESSERA_VERSION=23.4.0
+ETHSIGNER_VERSION=22.1.3
+QUORUM_EXPLORER_VERSION=4f60191
+
+LOCK_FILE=.quorumDevQuickstart.lock
+
+# GoQuorum consensus algorithm
+# istanbul, qbft, raft
+# !!! lower case ONLY here
+GOQUORUM_CONS_ALGO=qbft
+
+# Besu consensus algorithm
+# IBFT, QBFT, CLIQUE
+# PLEASE NOTE: IBFT used here refers to IBFT2.0 and not IBFT1.0 More information can be found https://besu.hyperledger.org/en/latest/HowTo/Configure/Consensus-Protocols/IBFT/
+# We use IBFT here to keep the API names consistent
+# !!! upper case ONLY here
+BESU_CONS_ALGO=QBFT
\ No newline at end of file
diff --git a/tools/docker/besu-multi-party-all-in-one/supervisord.conf b/tools/docker/besu-multi-party-all-in-one/supervisord.conf
index f5d388fdc5..fc3a4c19b5 100644
--- a/tools/docker/besu-multi-party-all-in-one/supervisord.conf
+++ b/tools/docker/besu-multi-party-all-in-one/supervisord.conf
@@ -23,7 +23,9 @@ stdout_logfile=/dev/stdout
 stdout_logfile_maxbytes=0
 
 [program:besu-network]
-command=/quorum-dev-quickstart/run.sh
+command=%(ENV_ROOT_DIR)s/run.sh
+user=quorum
+environment=HOME="/opt/quorum-dev-quickstart",USER="quorum",TERM="linux"
 autostart=true
 autorestart=unexpected
 stderr_logfile=/dev/stderr
diff --git a/tools/docker/fabric-all-in-one/Dockerfile_v1.4.x b/tools/docker/fabric-all-in-one/Dockerfile_v1.4.x
index 4c1ed74f38..d882825c9c 100644
--- a/tools/docker/fabric-all-in-one/Dockerfile_v1.4.x
+++ b/tools/docker/fabric-all-in-one/Dockerfile_v1.4.x
@@ -10,23 +10,7 @@ WORKDIR /
 RUN apk update
 
 # Install dependencies of Docker Compose
-RUN apk add py-pip python3-dev libffi-dev openssl-dev gcc libc-dev make
-
-# Install python/pip - We need this because DinD 18.x has Python 2
-# And we cannot upgrade to DinD 19 because of
-# https://github.com/docker-library/docker/issues/170
-ENV PYTHONUNBUFFERED=1
-RUN apk add --update --no-cache python3 && ln -sf python3 /usr/bin/python
-RUN python3 -m ensurepip
-RUN pip3 install --no-cache --upgrade "pip>=21" setuptools
-
-# Without this the docker-compose installation crashes, complaining about
-# a lack of rust compiler...
-# RUN pip install setuptools_rust
-ENV CRYPTOGRAPHY_DONT_BUILD_RUST=1
-
-# Install Docker Compose which is a dependency of Fabric Samples
-RUN pip install docker-compose
+RUN apk add docker-cli docker-cli-compose
 
 # Need git to clone the sources of the Fabric Samples repository from GitHub
 RUN apk add --no-cache git
@@ -57,7 +41,7 @@ RUN apk add --no-cache libc6-compat
 ENV CACTUS_CFG_PATH=/etc/hyperledger/cactus
 RUN mkdir -p $CACTUS_CFG_PATH
 # OpenSSH - need to have it so we can shell in and install/instantiate contracts
-RUN apk add --no-cache openssh augeas
+RUN apk add --no-cache augeas
 
 # Configure the OpenSSH server we just installed
 RUN augtool 'set /files/etc/ssh/sshd_config/AuthorizedKeysFile ".ssh/authorized_keys /etc/authorized_keys/%u"'
diff --git a/tools/docker/fabric-all-in-one/Dockerfile_v2.x b/tools/docker/fabric-all-in-one/Dockerfile_v2.x
index eb47ecb26b..fe4b8978de 100644
--- a/tools/docker/fabric-all-in-one/Dockerfile_v2.x
+++ b/tools/docker/fabric-all-in-one/Dockerfile_v2.x
@@ -12,23 +12,7 @@ WORKDIR /
 RUN apk update
 
 # Install dependencies of Docker Compose
-RUN apk add py-pip python3-dev libffi-dev openssl-dev gcc libc-dev make
-
-# Install python/pip - We need this because DinD 18.x has Python 2
-# And we cannot upgrade to DinD 19 because of
-# https://github.com/docker-library/docker/issues/170
-ENV PYTHONUNBUFFERED=1
-RUN apk add --update --no-cache python3 && ln -sf python3 /usr/bin/python
-RUN python3 -m ensurepip
-RUN pip3 install --no-cache --upgrade "pip>=21" setuptools
-
-# Without this the docker-compose installation crashes, complaining about
-# a lack of rust compiler...
-# RUN pip install setuptools_rust
-ENV CRYPTOGRAPHY_DONT_BUILD_RUST=1
-
-# Install Docker Compose which is a dependency of Fabric Samples
-RUN pip install docker-compose
+RUN apk add docker-cli docker-cli-compose
 
 # Need git to clone the sources of the Fabric Samples repository from GitHub
 RUN apk add --no-cache git
@@ -62,7 +46,7 @@ RUN apk add --no-cache libc6-compat
 ENV CACTUS_CFG_PATH=/etc/hyperledger/cactus
 RUN mkdir -p $CACTUS_CFG_PATH
 # OpenSSH - need to have it so we can shell in and install/instantiate contracts
-RUN apk add --no-cache openssh augeas
+RUN apk add --no-cache augeas
 
 # Configure the OpenSSH server we just installed
 RUN augtool 'set /files/etc/ssh/sshd_config/AuthorizedKeysFile ".ssh/authorized_keys /etc/authorized_keys/%u"'
diff --git a/tools/docker/quorum-multi-party-all-in-one/Dockerfile b/tools/docker/quorum-multi-party-all-in-one/Dockerfile
index 3a07c43294..32f6e01d33 100644
--- a/tools/docker/quorum-multi-party-all-in-one/Dockerfile
+++ b/tools/docker/quorum-multi-party-all-in-one/Dockerfile
@@ -3,9 +3,9 @@
 # Setup quorum-dev-quickstart
 ################################
 
-FROM node:16.17.0 AS quorum-dev-quickstart-setup
+FROM node:18.17.0 AS quorum-dev-quickstart-setup
 
-ENV QUORUM_QUICKSTART_VERSION=0.0.80
+ENV QUORUM_QUICKSTART_VERSION=0.1.5
 ENV ROOT_DIR=/opt/quorum-dev-quickstart
 
 WORKDIR "${ROOT_DIR}"
@@ -14,38 +14,41 @@ RUN quorum-dev-quickstart --clientType goquorum --outputPath ./ --monitoring def
 
 ################################
 # STAGE 2
-# docker-compose base
+# docker compose base
 ################################
 
-FROM docker:24.0.2-dind
+FROM docker:24.0.5-dind
 
 ENV ROOT_DIR=/opt/quorum-dev-quickstart
 
-# Install docker-compose and quorum-dev-quickstart setup dependencies
+# Install docker compose and quorum-dev-quickstart setup dependencies
 RUN apk update \
   && apk add --no-cache \
-    py-pip \
-    python3-dev \
-    libffi-dev \
-    openssl-dev \
-    gcc \
-    libc-dev \
-    rust \
-    cargo \
-    make \
-    bash \
-    ncurses \
-    supervisor \
-  && pip install docker-compose
+  docker-cli \
+  docker-cli-compose \
+  gcc \
+  libc-dev \
+  rust \
+  cargo \
+  make \
+  bash \
+  ncurses \
+  supervisor
+
+RUN addgroup -g 1000 quorum \
+  && adduser -u 1000 -G quorum -g docker -s /bin/sh -D quorum \
+  && addgroup docker \
+  && addgroup quorum docker
 
 # Copy quorum-dev-quickstart from the base
-COPY --from=quorum-dev-quickstart-setup "${ROOT_DIR}" "${ROOT_DIR}"
+COPY --chown=quorum:quorum --from=quorum-dev-quickstart-setup "${ROOT_DIR}" "${ROOT_DIR}"
 WORKDIR "${ROOT_DIR}"
+COPY --chown=quorum:quorum env-config.ini .env
 
 COPY healthcheck.sh /healthcheck.sh
 HEALTHCHECK --interval=10s --timeout=5s --start-period=60s --retries=500 CMD /healthcheck.sh
 
-COPY supervisord.conf /etc/supervisord.conf
+COPY --chown=quorum:quorum supervisord.conf /etc/supervisord.conf
 ENTRYPOINT ["/usr/bin/supervisord"]
 CMD ["--configuration", "/etc/supervisord.conf", "--nodaemon"]
 
diff --git a/tools/docker/quorum-multi-party-all-in-one/README.md b/tools/docker/quorum-multi-party-all-in-one/README.md
index d2f90b6068..f11d518629 100644
--- a/tools/docker/quorum-multi-party-all-in-one/README.md
+++ b/tools/docker/quorum-multi-party-all-in-one/README.md
@@ -86,3 +86,7 @@ docker run \
   --publish 25000:25000 \
   cqmpaio
 ```
+
+## Updating the Quorum version
+- `env-config.ini` is the configuration file of `quorum-dev-quickstart` npm package (it's copied as `.env` in the container).
+- To use another version of quorum ledger update specific variables in `env-config.ini` and build the container.
diff --git a/tools/docker/quorum-multi-party-all-in-one/env-config.ini b/tools/docker/quorum-multi-party-all-in-one/env-config.ini
new file mode 100644
index 0000000000..afa0c34b90
--- /dev/null
+++ b/tools/docker/quorum-multi-party-all-in-one/env-config.ini
@@ -0,0 +1,22 @@
+# This file defines environment variables defaults for Docker-compose
+# but we also use it for shell scripts as a sourced file
+
+BESU_VERSION=23.4.1
+QUORUM_VERSION=23.4.0
+TESSERA_VERSION=23.4.0
+ETHSIGNER_VERSION=22.1.3
+QUORUM_EXPLORER_VERSION=4f60191
+
+LOCK_FILE=.quorumDevQuickstart.lock
+
+# GoQuorum consensus algorithm
+# istanbul, qbft, raft
+# !!! lower case ONLY here
+GOQUORUM_CONS_ALGO=qbft
+
+# Besu consensus algorithm
+# IBFT, QBFT, CLIQUE
+# PLEASE NOTE: IBFT used here refers to IBFT2.0 and not IBFT1.0 More information can be found https://besu.hyperledger.org/en/latest/HowTo/Configure/Consensus-Protocols/IBFT/
+# We use IBFT here to keep the API names consistent
+# !!! upper case ONLY here
+BESU_CONS_ALGO=QBFT
\ No newline at end of file
diff --git a/tools/docker/quorum-multi-party-all-in-one/supervisord.conf b/tools/docker/quorum-multi-party-all-in-one/supervisord.conf
index 702c8ce9b5..9daf12521f 100644
--- a/tools/docker/quorum-multi-party-all-in-one/supervisord.conf
+++ b/tools/docker/quorum-multi-party-all-in-one/supervisord.conf
@@ -15,6 +15,8 @@ stdout_logfile_maxbytes=0
 
 [program:quorum-network]
 command=%(ENV_ROOT_DIR)s/run.sh
+user=quorum
+environment=HOME="/opt/quorum-dev-quickstart",USER="quorum",TERM="linux"
 autostart=true
 autorestart=false
 stderr_logfile=/dev/stderr
diff --git a/tools/docker/sawtooth-all-in-one/Dockerfile b/tools/docker/sawtooth-all-in-one/Dockerfile
index fba9e761aa..5110ccc0bc 100644
--- a/tools/docker/sawtooth-all-in-one/Dockerfile
+++ b/tools/docker/sawtooth-all-in-one/Dockerfile
@@ -1,20 +1,15 @@
-FROM docker:24.0.2-dind
+FROM docker:24.0.5-dind
 
-# Install docker-compose and it's dependencies
 RUN apk update \
   && apk add --no-cache \
-    py-pip \
-    python3-dev \
-    libffi-dev \
-    openssl-dev \
-    gcc \
-    libc-dev \
-    rust \
-    cargo \
-    make \
-    supervisor \
-  && pip install wheel \
-  && pip install docker-compose
+  docker-cli \
+  docker-cli-compose \
+  gcc \
+  libc-dev \
+  rust \
+  cargo \
+  make \
+  supervisor
 
 # Copy sawtooth docker-compose
 COPY ./sawtooth-default.yaml /app/docker-compose.yaml
diff --git a/tools/docker/sawtooth-all-in-one/README.md b/tools/docker/sawtooth-all-in-one/README.md
index aebffd78a3..abd3a15309 100644
--- a/tools/docker/sawtooth-all-in-one/README.md
+++ b/tools/docker/sawtooth-all-in-one/README.md
@@ -18,11 +18,10 @@ docker-compose build && docker-compose up -d
 ```
 
 ### Docker
-> Excute from `tools/docker/sawtooth-all-in-one` or adjust the paths accordingly.
 
 ``` bash
 # Build
-DOCKER_BUILDKIT=1 docker build . -t cactus-sawtooth-all-in-one
+DOCKER_BUILDKIT=1 docker build ./tools/docker/sawtooth-all-in-one/ -t cactus-sawtooth-all-in-one
 
 # Run
 docker run --name sawtooth_all_in_one_ledger_1x --detach --privileged -p 8008:8008 cactus-sawtooth-all-in-one