At this point, in traditional deployments, we could consider automating the deployment of our application to push it to production automatically. However, in the case of a blockchain network, allowing a single process to push production code to multiple organizations and locations could be the Achilles heel of the network.
Instead of trying to push production code to multiple organizations, we will publish the BNA file to a trusted store (in this case, the GitHub release) and let every organization pull the archive.
Fortunately for us, Travis CI has a function used within the deploy step that allows us to automatically attach the smart contract package to a tagged release. The function requires an OAUTH_TOKEN to be configured on our GitHub account, and it needs to be added to the Travis configuration to allow Travis to attach the smart contract to the release.
While that configuration could be done manually, there is a simple command-line interface for Travis that will automatically push the token to Git Hub and add the deploy section to the .travis.yml.
We can install travis CLI using the following command:
gem install travis
Once the CLI is installed, we run the following command:
$ travis setup releases
Username: ldesrosi
Password for ldesrosi: ********
File to Upload: ./dist/network.bna
Deploy only from HyperledgerHandsOn/trade-finance-logistics? |yes|
Encrypt API key? |yes| no
The tool will ask for a few pieces of information: our GitHub user ID, password, location of the file we want to upload (our BNA), whether we want to only deploy from our repository, and if we want to encrypt our API key. On this last question, it is important to say no. We will soon explain why.
The tool will add a section like the following at the end of the .travis.yml file:
deploy:
provider: releases
api_key: 3ce1ab5452e39af3ebb74582e9c57f101df46d60
file_glob: true
file: ./dist/*
on:
repo: HyperledgerHandsOn/trade-finance-logistics
The first thing we will do is copy the API key to our workstation clipboard and go back to the Travis CI site. On the main dashboard, you should see your repository, and on the right-hand side, you will see a button called More Options. By clicking it and selecting Settings, you will be presented with a panel, split into a few sections.
Scroll down a bit and you will find the Environment Variables section. Go through the following steps:
- In the name field, type OAUTH_TOKEN
- In the value field, paste the API key you copied in the .travis.yml file
- Click Save
The results should be as follows:
You see, while we could have kept the OAUTH_TOKEN encrypted in our .travis.yml file, it would have been stored in our GitHub repository to be viewed by everyone. By moving the key to the environment, we avoid this.
We can now modify the configuration file to refer to the environment variable we just defined:
deploy:
provider: releases
api_key: ${OAUTH_TOKEN}
file_glob: true
file: ./dist/*
on:
repo: HyperledgerHandsOn/trade-finance-logistics
tags: true
The on: section provides the ability to restrict the publication process to the tag event on your repository.
With the package.json and the .travis.yml modified, we just need to update our repository by committing and pushing our changes to the master branch. Our pipeline is now fully configured! In a few sections, we will see how network participants can be notified of the new release and retrieve the archive, but for now, let's look at what we need to configure in Git.