feat(substrate): refactor codebase for effective deployment

This PR improves Substrate DLT deployment using code from the main branch.

Changes:
- Updated the Vault-Auth path for pods to match the expected Vault Authentication Engine in Vault.
- Updated the Storage-class name for pods to match the name of the expected storage-class.

fixes #quick-fix

Signed-off-by: saurabhkumarkardam <saurabh.kumar.kardam@accenture.com>

Author: saurabhkumarkardam

platforms/substrate/configuration/roles/create/helm_component/templates/dscp_ipfs_node.tpl

@@ -69,6 +69,6 @@ spec:
     vault:
       address: {{ vault.url }}
       role: vault-role
-      authpath: substrate{{ name }}
+      authpath: {{ network.env.type }}{{ name }}
       serviceaccountname: vault-auth
       certsecretprefix: {{ vault.secret_path | default('secretsv2') }}/data/{{ name }}/{{ peer.name }}

platforms/substrate/configuration/roles/create/helm_component/templates/genesis_job.tpl

@@ -29,7 +29,7 @@ spec:
     vault:
       address: {{ vault.url }}
       role: vault-role
-      authpath: substrate{{ name }}
+      authpath: {{ network.env.type }}{{ name }}
       serviceaccountname: vault-auth
       certsecretprefix: {{ vault.secret_path | default('secretsv2') }}/{{ name }}
     chain: {{ network.config.chain }}

platforms/substrate/configuration/roles/create/helm_component/templates/node_substrate.tpl

@@ -111,6 +111,6 @@ spec:
     vault:
       address: {{ vault.url }}      
       secretPrefix: {{ vault.secret_path | default('secretsv2') }}/data/{{ name }}
-      authPath: substrate{{ name }}
+      authPath: {{ network.env.type }}{{ name }}
       appRole: vault-role
       image: ghcr.io/hyperledger/alpine-utils:1.0 

platforms/substrate/configuration/roles/create/helm_component/templates/substrate_keys_job.tpl

@@ -32,6 +32,6 @@ spec:
     vault:
       address: {{ vault.url }}
       role: vault-role
-      authpath: substrate{{ name }}
+      authpath: {{ network.env.type }}{{ name }}
       serviceaccountname: vault-auth
       certsecretprefix: {{ vault.secret_path | default('secretsv2') }}/data/{{ name }}

platforms/substrate/configuration/roles/create/ipfs_bootnode/tasks/main.yaml

@@ -11,7 +11,7 @@
   vars:    
     component_name: "{{ peer.name }}-ipfs-node"
     type: "dscp_ipfs_node"
-    storageclass_name: "{{ item.name | lower }}-bevel-storageclass"
+    storageclass_name: "{{ name }}-bevel-storageclass"
     external_url: "{{ item.external_url_suffix }}"
     git_url: "{{ item.gitops.git_url }}"
     git_branch: "{{ item.gitops.branch }}"

platforms/substrate/configuration/roles/create/member_node/tasks/main.yaml

@@ -11,7 +11,7 @@
   vars:
     component_name: "{{ name }}{{ peer.name }}membernode"
     type: "node_substrate"
-    storageclass_name: "{{ item.name | lower }}-bevel-storageclass"
+    storageclass_name: "{{ name }}-bevel-storageclass"
     external_url: "{{ item.external_url_suffix }}"
     vault: "{{ item.vault }}"
     git_url: "{{ item.gitops.git_url }}"
@@ -35,7 +35,7 @@
   vars:    
     component_name: "{{ peer.name }}-ipfs-node"
     type: "dscp_ipfs_node"
-    storageclass_name: "{{ item.name | lower }}-bevel-storageclass"
+    storageclass_name: "{{ name }}-bevel-storageclass"
     external_url: "{{ item.external_url_suffix }}"
     git_url: "{{ item.gitops.git_url }}"
     git_branch: "{{ item.gitops.branch }}"

platforms/substrate/configuration/roles/create/validator_node/tasks/main.yaml

@@ -11,7 +11,7 @@
   vars:
     component_name: "{{ name }}{{ peer.name }}validatornode"
     type: "node_substrate"
-    storageclass_name: "{{ item.cloud_provider }}storageclass"
+    storageclass_name: "{{ name }}-bevel-storageclass"
     external_url: "{{ item.external_url_suffix }}"
     vault: "{{ item.vault }}"
     git_url: "{{ item.gitops.git_url }}"

platforms/substrate/configuration/roles/delete/vault_secrets/tasks/main.yaml

@@ -9,6 +9,7 @@
 #############################################################################################
 
 #############################################################################################
+
 # Delete the Docker credentials
 - name: Delete docker creds
   k8s:
@@ -37,8 +38,8 @@
 # Delete Peer Crypto material
 - name: Delete Peer Crypto material 
   shell: |
-    vault kv delete {{ item.vault.secret_path | default('secretsv2') }}/{{ item.name }}/{{ peer.name }}/substrate  
-    vault kv delete {{ item.vault.secret_path | default('secretsv2') }}/{{ item.name }}/{{ peer.name }}/ipfs
+    vault kv delete {{ item.vault.secret_path | default('secretsv2') }}/{{ org_name }}/{{ peer.name }}/substrate  
+    vault kv delete {{ item.vault.secret_path | default('secretsv2') }}/{{ org_name }}/{{ peer.name }}/ipfs
   environment:
     VAULT_ADDR: "{{ item.vault.url }}"
     VAULT_TOKEN: "{{ item.vault.root_token }}"

platforms/substrate/configuration/samples/network-sample.yaml

@@ -21,9 +21,12 @@ network:
     #  These ports are enabled per cluster, so if you have multiple clusters you do not need so many ports
     #  This sample uses a single cluster, so we have to open 4 ports for each Node. These ports are again specified for each organization below
     ambassadorPorts:                # Any additional Ambassador ports can be given here, this is valid only if proxy='ambassador'
-      portRange:              # For a range of ports 
-        from: 15010
-        to: 15043
+      # Specify a list of individual ports to use
+      ports: [15010, 15023, 15024, 15025, 15033, 15034, 15035, 15043, 15044, 15045]
+      # Alternatively, specify a range of ports to use all ports within the specified range
+      # portRange:              
+      #   from: 15010  # Starting port of the range
+      #   to: 15045    # Ending port of the range
     # ports: 15020,15021      # For specific ports
     retry_count: 20                 # Retry count for the checks on Kubernetes cluster
     external_dns: enabled           # Should be enabled if using external-dns for automatic route configuration
@@ -32,9 +35,9 @@ network:
   # Please ensure all required images are built and stored in this registry. 
   # Do not check-in docker_password.
   docker:
-    url: "ghcr.io"
-    #username: "docker_username"
-    #password: "docker_password"
+    url: "docker.io"
+    username: "docker_username"
+    password: "docker_password"
 
   # Following are the configurations for the common Substrate network
   config:

platforms/substrate/configuration/samples/network-substrate.yaml

@@ -17,13 +17,17 @@ network:
   #Environment section for Kubernetes setup
   env:
     type: "substratedev"              # tag for the environment. Important to run multiple flux on single cluster
-    proxy: ambassador               # value has to be 'ambassador' as 'haproxy' has not been implemented for Substrate
+    proxy: ambassador                 # value has to be 'ambassador' as 'haproxy' has not been implemented for Substrate
+    proxy_namespace: "ambassador"     # Namespace for the proxy
     #  These ports are enabled per cluster, so if you have multiple clusters you do not need so many ports
     #  This sample uses a single cluster, so we have to open 4 ports for each Node. These ports are again specified for each organization below
     ambassadorPorts:                # Any additional Ambassador ports can be given here, this is valid only if proxy='ambassador'
-      portRange:              # For a range of ports 
-        from: 15010
-        to: 15043
+      # Specify a list of individual ports to use
+      ports: [15010, 15023, 15024, 15025, 15033, 15034, 15035, 15043, 15044, 15045]
+      # Alternatively, specify a range of ports to use all ports within the specified range
+      # portRange:              
+      #   from: 15010  # Starting port of the range
+      #   to: 15045    # Ending port of the range
     # ports: 15020,15021      # For specific ports
     retry_count: 20                 # Retry count for the checks on Kubernetes cluster
     external_dns: enabled           # Should be enabled if using external-dns for automatic route configuration
@@ -59,7 +63,7 @@ network:
       name: carrier
       type: superuser
       external_url_suffix: subs.example.com   # This is the url suffix that will be added in DNS recordset. Must be different for different clusters
-      cloud_provider: gcp   # Options: aws, azure, gcp
+      cloud_provider: aws   # Options: aws, azure, gcp
       aws:
         access_key: "AWS_ACCESS_KEY"        # AWS Access key, only used when cloud_provider=aws
         secret_key: "AWS_SECRET_KEY"        # AWS Secret key, only used when cloud_provider=aws