Merge branch 'develop' into develop

platforms/hyperledger-besu/configuration/roles/create/k8_component/vars/main.yaml

@@ -9,3 +9,4 @@ dlt_templates:
   aws-storageclass: storageclass.tpl
   minikube-storageclass: storageclass.tpl
   gcp-storageclass: storageclass.tpl
+  azure-storageclass: storageclass.tpl

platforms/hyperledger-fabric/charts/generate_cacerts/values.yaml

@@ -15,9 +15,6 @@ metadata:
   #Eg. namespace: org1-example-com
   namespace: default
   images:
-    #Provide the valid image name and version for fabric tools
-    #Eg. fabric-tools: hyperledger/fabrictools:1.4.0
-    fabrictools:
     #Provide the valid image name and version to read certificates from vault server
     #Eg.alpineutils: hyperledgerlabs/alpine-utils:1.0
     alpineutils:

platforms/hyperledger-fabric/charts/orderernode/templates/configmap.yaml

@@ -34,7 +34,7 @@ data:
   ORDERER_KAFKA_RETRY_SHORTTOTAL: "30s"
   ORDERER_KAFKA_VERBOSE: "true"
   GODEBUG: "netdns=go"
-  ORDERER_OPERATIONS_LISTENADDRESS: 0.0.0.0:9443
+  ORDERER_OPERATIONS_LISTENADDRESS: 0.0.0.0:10443
 
 ---
 apiVersion: v1

platforms/hyperledger-fabric/charts/orderernode/templates/deployment.yaml

@@ -200,7 +200,7 @@ spec:
         ports:
         - containerPort: 7050
         - name: operations
-          containerPort: 9443
+          containerPort: 10443
         envFrom:
         - configMapRef:
             name: {{ $.Values.orderer.name }}-config

platforms/hyperledger-fabric/charts/orderernode/templates/service.yaml

@@ -134,5 +134,5 @@ spec:
           service:
             name: {{ $.Values.orderer.name }}
             port:
-              number: 9443
+              number: 10443
 {{ end }}

platforms/hyperledger-fabric/configuration/add-orderer.yaml

@@ -33,6 +33,7 @@
       component: "{{ item.name | lower}}"
       component_type: "{{ item.type | lower}}"
       component_services: "{{ item.services }}"
+      sc_name: "{{ component }}-{{ item.cloud_provider | lower }}-storageclass"
       kubernetes: "{{ item.k8s }}"
       vault: "{{ item.vault }}"
       ca: "{{ item.services.ca }}"

platforms/hyperledger-fabric/configuration/deploy-network.yaml

@@ -64,6 +64,27 @@
       loop: "{{ network['organizations'] }}"
       loop_control:
         loop_var: org
+      when: org.k8s.cluster_id is not defined
+
+    #Setup Vault-Kubernetes accesses and Regcred for docker registry
+    - name: Setup Vault Kubernetes for each organization
+      include_role: 
+        name: "{{playbook_dir}}/../../shared/configuration/roles/setup/vault_kubernetes"
+      vars:
+        name: "{{ org.name | lower }}"
+        component_name: "{{ org.name | lower }}-vaultk8s-job"
+        component_type: "{{ org.type | lower }}"
+        component_ns: "{{ org.name | lower }}-net"
+        component_auth: "{{ org.k8s.cluster_id }}{{ component_ns }}-auth"
+        kubernetes: "{{ org.k8s }}"
+        vault: "{{ org.vault }}"
+        policy_type: "fabric"
+        gitops: "{{ org.gitops }}"
+        reset_path: "platforms/hyperledger-fabric/configuration"
+      loop: "{{ network['organizations'] }}"
+      loop_control:
+        loop_var: org
+      when: org.k8s.cluster_id is defined
 
     # Create Storageclass 
     - name: Create storageclass for each organization

platforms/hyperledger-fabric/configuration/roles/create/anchorpeer/tasks/nested_anchorpeer.yaml

@@ -35,6 +35,7 @@
     git_branch: "{{ org.gitops.branch }}"
     charts_dir: "{{ org.gitops.chart_source }}"
     vault: "{{ org.vault }}"
+    k8s: "{{ org.k8s }}"
     fabrictools_image: "hyperledger/fabric-tools:{{ network.version }}"
     alpine_image: "{{ docker_url }}/alpine-utils:1.0"
     anchorstx: "{{ lookup('file', '{{ build_path }}/channel-artifacts/{{item.channel_name|lower}}{{participant.name|lower}}MSPAnchor.tx.base64') }}"

platforms/hyperledger-fabric/configuration/roles/create/ca_server/tasks/main.yaml

@@ -41,7 +41,6 @@
     git_branch: "{{ gitops.branch }}"
     charts_dir: "{{ gitops.chart_source }}"
     vault: "{{ item.vault }}"
-    fabrictools_image: "hyperledger/fabric-tools:{{ network.version }}"
     alpine_image: "{{ docker_url }}/alpine-utils:1.0"
     values_dir: "{{playbook_dir}}/../../../{{ gitops.release_dir }}/{{ component }}"
   when: certs_created.failed == True

platforms/hyperledger-fabric/configuration/roles/create/ca_server/vars/main.yaml

@@ -11,3 +11,4 @@ ca_image_version:
   2.0.0: 1.4.5
   2.2.0: 1.4.8
   2.2.2: 1.4.8
+  2.5.4: latest

platforms/hyperledger-fabric/configuration/roles/create/ca_tools/orderer/tasks/main.yaml

@@ -8,7 +8,7 @@
 # This role creates value file for the deployment of CA Tools CLI
 #############################################################################################
 
-# # Check if CA server is available
+# Check if CA server is available
 - name: "waiting for the CA server to be created in {{ item.name | lower }}-net"
   include_role:
     name: "{{ playbook_dir }}/../../shared/configuration/roles/check/helm_component"

platforms/hyperledger-fabric/configuration/roles/create/channels/tasks/valuefile.yaml

@@ -49,6 +49,7 @@
     git_branch: "{{ org.gitops.branch }}"
     charts_dir: "{{ org.gitops.chart_source }}"
     vault: "{{ org.vault }}"
+    k8s: "{{ org.k8s }}"
     fabrictools_image: "hyperledger/fabric-tools:{{ network.version }}"
     alpine_image: "{{ docker_url }}/alpine-utils:1.0"
     channeltx: "{{ lookup('file', '{{ build_path }}/channel-artifacts/{{item.channel_name|lower}}.tx.base64') }}"

platforms/hyperledger-fabric/configuration/roles/create/channels_join/tasks/nested_channel_join.yaml

@@ -37,6 +37,7 @@
     fabrictools_image: "hyperledger/fabric-tools:{{ network.version }}"
     alpine_image: "{{ docker_url }}/alpine-utils:1.0"
     vault: "{{ org.vault }}"
+    k8s: "{{ org.k8s }}"
     values_dir: "{{playbook_dir}}/../../../{{org.gitops.release_dir}}/{{ org.name | lower }}"
   loop: "{{ participant.peers }}"
   loop_control:

platforms/hyperledger-fabric/configuration/roles/create/new_orderer/create_appchannel_block/tasks/nested_create_cli.yaml

@@ -25,7 +25,7 @@
     fabrictools_image: "hyperledger/fabric-tools:{{ network.version }}"
     alpine_image: "{{ docker_url }}/alpine-utils:1.0"
     channel_name: "{{ channel_name }}"
-    storage_class: "{{ org.name }}sc"
+    storage_class: "{{ org.name }}-{{ org.cloud_provider | lower }}-storageclass"
     release_dir: "{{ build_path }}"
     orderer_component: "{{ orderer.name | lower }}.{{ org.name | lower }}-net"
     orderer_address: "{{ orderer.ordererAddress }}"

platforms/hyperledger-fabric/configuration/roles/create/new_orderer/create_syschannel_block/tasks/nested_create_cli.yaml

@@ -24,7 +24,7 @@
     fabrictools_image: "hyperledger/fabric-tools:{{ network.version }}"
     alpine_image: "{{ docker_url }}/alpine-utils:1.0"
     channel_name: "{{ channel_name }}"
-    storage_class: "{{ org.name }}sc"
+    storage_class: "{{ org.name }}-{{ org.cloud_provider | lower }}-storageclass"
     release_dir: "{{ build_path }}"
     orderer_component: "{{ orderer.name | lower }}.{{ component_ns }}"
     orderer_address: "{{ orderer.ordererAddress }}"

platforms/hyperledger-fabric/configuration/roles/create/peers/vars/main.yaml

@@ -11,3 +11,4 @@ couchdb_image_version:
   2.0.0: "hyperledger/fabric-couchdb:0.4.18"
   2.2.0: "couchdb:3.1"
   2.2.2: "couchdb:3.1"
+  2.5.4: "couchdb:3.3.2"

platforms/hyperledger-fabric/configuration/roles/delete/vault_secrets/tasks/main.yaml

@@ -82,6 +82,16 @@
     VAULT_ADDR: "{{ item.vault.url }}"
     VAULT_TOKEN: "{{ item.vault.root_token }}"
 
+############################################################################################
+# This task deletes vault auth
+- name: Delete vault-auth path
+  shell: |
+    vault kv delete sys/auth/{{ item.k8s.cluster_id }}{{ component_name }}-auth
+  environment:
+    VAULT_ADDR: "{{ item.vault.url }}"
+    VAULT_TOKEN: "{{ item.vault.root_token }}"
+  when: item.k8s.cluster_id is defined
+
 ############################################################################################
 # This task deletes crypto materials from vault
 - name: Delete Crypto for orderers

platforms/hyperledger-fabric/configuration/roles/helm_component/templates/anchorpeer_job.tpl

@@ -37,7 +37,11 @@ spec:
     vault:
       role: vault-role
       address: {{ vault.url }}
+{% if k8s.cluster_id is defined %}
+      authpath: {{ k8s.cluster_id }}{{ component_ns }}-auth
+{% else %}
       authpath: {{ network.env.type }}{{ component_ns }}-auth
+{% endif %}
       adminsecretprefix: {{ vault.secret_path | default('secretsv2') }}/data/crypto/peerOrganizations/{{ component_ns }}/users/admin
       orderersecretprefix: {{ vault.secret_path | default('secretsv2') }}/data/crypto/peerOrganizations/{{ component_ns }}/orderer
       serviceaccountname: vault-auth

platforms/hyperledger-fabric/configuration/roles/helm_component/templates/approve_chaincode_job.tpl

@@ -31,7 +31,11 @@ spec:
     vault:
       role: vault-role
       address: {{ vault.url }}
+{% if org.k8s.cluster_id is defined %}
+      authpath: {{ org.k8s.cluster_id }}{{ namespace | e }}-auth
+{% else %}
       authpath: {{ network.env.type }}{{ namespace | e }}-auth
+{% endif %}
       adminsecretprefix: {{ vault.secret_path | default('secretsv2') }}/data/crypto/peerOrganizations/{{ namespace }}/users/admin 
       orderersecretprefix: {{ vault.secret_path | default('secretsv2') }}/data/crypto/peerOrganizations/{{ namespace }}/orderer
       serviceaccountname: vault-auth

platforms/hyperledger-fabric/configuration/roles/helm_component/templates/ca-orderer.tpl

@@ -57,7 +57,11 @@ spec:
     vault:
       role: vault-role
       address: {{ vault.url }}
+{% if item.k8s.cluster_id is defined %}
+      authpath: {{ item.k8s.cluster_id }}{{ component_name }}-auth
+{% else %}
       authpath: {{ network.env.type }}{{ component_name }}-auth
+{% endif %}
       secretcert: {{ vault.secret_path | default('secretsv2') }}/data/crypto/ordererOrganizations/{{ component_name | e }}/ca?ca.{{ component_name | e }}-cert.pem
       secretkey: {{ vault.secret_path | default('secretsv2') }}/data/crypto/ordererOrganizations/{{ component_name | e }}/ca?{{ component_name | e }}-CA.key
       secretadminpass: {{ vault.secret_path | default('secretsv2') }}/data/credentials/{{ component_name | e }}/ca/{{ component }}?user

platforms/hyperledger-fabric/configuration/roles/helm_component/templates/ca-peer.tpl

@@ -57,7 +57,11 @@ spec:
     vault:
       role: vault-role
       address: {{ vault.url }}
+{% if item.k8s.cluster_id is defined %}
+      authpath: {{ item.k8s.cluster_id }}{{ component_name | e }}-auth
+{% else %}
       authpath: {{ network.env.type }}{{ component_name | e }}-auth
+{% endif %}
       secretcert: {{ vault.secret_path | default('secretsv2') }}/data/crypto/peerOrganizations/{{ component_name | e }}/ca?ca.{{ component_name | e }}-cert.pem
       secretkey: {{ vault.secret_path | default('secretsv2') }}/data/crypto/peerOrganizations/{{ component_name | e }}/ca?{{ component_name | e }}-CA.key
       secretadminpass: {{ vault.secret_path | default('secretsv2') }}/data/credentials/{{ component_name | e }}/ca/{{ component }}?user

platforms/hyperledger-fabric/configuration/roles/helm_component/templates/ca-tools.tpl

@@ -59,7 +59,11 @@ spec:
     vault:
       role: vault-role
       address: {{ vault.url }}
+{% if item.k8s.cluster_id is defined %}
+      authpath: {{ item.k8s.cluster_id }}{{ component_name }}-auth
+{% else %}
       authpath: {{ network.env.type }}{{ component_name }}-auth
+{% endif %}
       secretusers: {{ vault.secret_path | default('secretsv2') }}/data/crypto/{{ component_type }}Organizations/{{ component_name }}/users
       secretorderer: {{ vault.secret_path | default('secretsv2') }}/data/crypto/{{ component_type }}Organizations/{{ component_name }}/orderers
       secretpeer: {{ vault.secret_path | default('secretsv2') }}/data/crypto/{{ component_type }}Organizations/{{ component_name }}/peers

platforms/hyperledger-fabric/configuration/roles/helm_component/templates/cacerts_job.tpl

@@ -22,13 +22,16 @@ spec:
       component_name: {{ component }}-net
       namespace: {{ component_ns }}    
       images:
-        fabrictools: {{ fabrictools_image }}
         alpineutils: {{ alpine_image }}
 
     vault:
       role: vault-role
       address: {{ vault.url }}
+{% if item.k8s.cluster_id is defined %}
+      authpath: {{ item.k8s.cluster_id }}{{ component_ns }}-auth
+{% else %}
       authpath: {{ network.env.type }}{{ component_ns }}-auth
+{% endif %}
       secretcryptoprefix: {{ vault.secret_path | default('secretsv2') }}/data/crypto/{{ component_type }}Organizations/{{ component }}-net/ca
       secretcredentialsprefix: {{ vault.secret_path | default('secretsv2') }}/data/credentials/{{ component }}-net/ca/{{ component }}
       serviceaccountname: vault-auth

platforms/hyperledger-fabric/configuration/roles/helm_component/templates/cli.tpl

@@ -28,7 +28,11 @@ spec:
     vault:
       role: vault-role
       address: {{ vault.url }}
+{% if org.k8s.cluster_id is defined %}
+      authpath: {{ org.k8s.cluster_id }}{{ component_ns }}-auth
+{% else %}
       authpath: {{ network.env.type }}{{ component_ns }}-auth
+{% endif %}
       adminsecretprefix: {{ vault.secret_path | default('secretsv2') }}/data/crypto/peerOrganizations/{{ component_ns }}/users/admin
       orderersecretprefix: {{ vault.secret_path | default('secretsv2') }}/data/crypto/peerOrganizations/{{ component_ns }}/orderer
       serviceaccountname: vault-auth

platforms/hyperledger-fabric/configuration/roles/helm_component/templates/commit_chaincode_job.tpl

@@ -31,7 +31,11 @@ spec:
     vault:
       role: vault-role
       address: {{ vault.url }}
+{% if org.k8s.cluster_id is defined %}
+      authpath: {{ org.k8s.cluster_id }}{{ namespace | e }}-auth
+{% else %}
       authpath: {{ network.env.type }}{{ namespace | e }}-auth
+{% endif %}
       adminsecretprefix: {{ vault.secret_path | default('secretsv2') }}/data/crypto/peerOrganizations/{{ namespace }}/users/admin
       orderersecretprefix: {{ vault.secret_path | default('secretsv2') }}/data/crypto/peerOrganizations/{{ namespace }}/orderer
       secretpath: {{ vault.secret_path | default('secretsv2') }}

platforms/hyperledger-fabric/configuration/roles/helm_component/templates/create_channel_job.tpl

@@ -34,7 +34,11 @@ spec:
     vault:
       role: vault-role
       address: {{ vault.url }}
+{% if k8s.cluster_id is defined %}
+      authpath: {{ k8s.cluster_id }}{{ component_ns }}-auth
+{% else %}
       authpath: {{ network.env.type }}{{ component_ns }}-auth
+{% endif %}
       adminsecretprefix: {{ vault.secret_path | default('secretsv2') }}/data/crypto/peerOrganizations/{{ component_ns }}/users/admin
       orderersecretprefix: {{ vault.secret_path | default('secretsv2') }}/data/crypto/peerOrganizations/{{ component_ns }}/orderer 
       serviceaccountname: vault-auth

platforms/hyperledger-fabric/configuration/roles/helm_component/templates/install_chaincode_job.tpl

@@ -33,7 +33,11 @@ spec:
     vault:
       role: vault-role
       address: {{ vault.url }}
+{% if org.k8s.cluster_id is defined %}
+      authpath: {{ org.k8s.cluster_id }}{{ namespace | e }}-auth
+{% else %}
       authpath: {{ network.env.type }}{{ namespace | e }}-auth
+{% endif %}
       adminsecretprefix: {{ vault.secret_path | default('secretsv2') }}/data/crypto/peerOrganizations/{{ namespace }}/users/admin 
       orderersecretprefix: {{ vault.secret_path | default('secretsv2') }}/data/crypto/peerOrganizations/{{ namespace }}/orderer
       secretgitprivatekey: {{ vault.secret_path | default('secretsv2') }}/data/credentials/{{ namespace }}/git

platforms/hyperledger-fabric/configuration/roles/helm_component/templates/install_external_chaincode_job.tpl

@@ -33,7 +33,11 @@ spec:
     vault:
       role: vault-role
       address: {{ vault.url }}
+{% if item.k8s.cluster_id is defined %}
+      authpath: {{ item.k8s.cluster_id }}{{ namespace | e }}-auth
+{% else %}
       authpath: {{ network.env.type }}{{ namespace | e }}-auth
+{% endif %}
       chaincodesecretprefix: {{ vault.secret_path | default('secretsv2') }}/data/crypto/peerOrganizations/{{ namespace }}/peers/{{ peer_name }}.{{ namespace }}/chaincodes
       adminsecretprefix: {{ vault.secret_path | default('secretsv2') }}/data/crypto/peerOrganizations/{{ namespace }}/users/admin 
       orderersecretprefix: {{ vault.secret_path | default('secretsv2') }}/data/crypto/peerOrganizations/{{ namespace }}/orderer

platforms/hyperledger-fabric/configuration/roles/helm_component/templates/instantiate_chaincode_job.tpl

@@ -31,7 +31,11 @@ spec:
     vault:
       role: vault-role
       address: {{ vault.url }}
+{% if org.k8s.cluster_id is defined %}
+      authpath: {{ org.k8s.cluster_id }}{{ namespace | e }}-auth
+{% else %}
       authpath: {{ network.env.type }}{{ namespace | e }}-auth
+{% endif %}
       adminsecretprefix: {{ vault.secret_path | default('secretsv2') }}/data/crypto/peerOrganizations/{{ namespace }}/users/admin 
       orderersecretprefix: {{ vault.secret_path | default('secretsv2') }}/data/crypto/peerOrganizations/{{ namespace }}/orderer
       serviceaccountname: vault-auth

platforms/hyperledger-fabric/configuration/roles/helm_component/templates/invoke_chaincode_job.tpl

@@ -34,7 +34,11 @@ spec:
     vault:
       role: vault-role
       address: {{ vault.url }}
+{% if org.k8s.cluster_id is defined %}
+      authpath: {{ org.k8s.cluster_id }}{{ namespace | e }}-auth
+{% else %}
       authpath: {{ network.env.type }}{{ namespace | e }}-auth
+{% endif %}
       secretpath: {{ vault.secret_path | default('secretsv2') }}
       adminsecretprefix: {{ vault.secret_path | default('secretsv2') }}/data/crypto/peerOrganizations/{{ namespace }}/users/admin 
       orderersecretprefix: {{ vault.secret_path | default('secretsv2') }}/data/crypto/peerOrganizations/{{ namespace }}/orderer

platforms/hyperledger-fabric/configuration/roles/helm_component/templates/join_channel_job.tpl

@@ -37,7 +37,11 @@ spec:
     vault:
       role: vault-role
       address: {{ vault.url }}
+{% if k8s.cluster_id is defined %}
+      authpath: {{ k8s.cluster_id }}{{ component_ns }}-auth
+{% else %}
       authpath: {{ network.env.type }}{{ component_ns }}-auth
+{% endif %}
       adminsecretprefix: {{ vault.secret_path | default('secretsv2') }}/data/crypto/peerOrganizations/{{ component_ns }}/users/admin
       orderersecretprefix: {{ vault.secret_path | default('secretsv2') }}/data/crypto/peerOrganizations/{{ component_ns }}/orderer
       serviceaccountname: vault-auth

platforms/hyperledger-fabric/configuration/roles/helm_component/templates/orderernode.tpl

@@ -73,7 +73,11 @@ spec:
     vault:
       address: {{ vault.url }}
       role: vault-role
+{% if item.k8s.cluster_id is defined %}
+      authpath: {{ item.k8s.cluster_id }}{{ namespace }}-auth
+{% else %}
       authpath: {{ network.env.type }}{{ namespace }}-auth
+{% endif %}
       type: {{ vault.type | default("hashicorp") }}
       secretprefix: {{ vault.secret_path | default('secretsv2') }}/data/crypto/ordererOrganizations/{{ namespace }}/orderers/{{ orderer.name }}.{{ namespace }}
 {% if network.docker.username is defined and network.docker.password is defined %}

platforms/hyperledger-fabric/configuration/roles/helm_component/templates/upgrade_chaincode_job.tpl

@@ -31,7 +31,11 @@ spec:
     vault:
       role: vault-role
       address: {{ vault.url }}
+{% if org.k8s.cluster_id is defined %}
+      authpath: {{ org.k8s.cluster_id }}{{ namespace | e }}-auth
+{% else %}
       authpath: {{ network.env.type }}{{ namespace | e }}-auth
+{% endif %}
       adminsecretprefix: {{ vault.secret_path | default('secretsv2') }}/data/crypto/peerOrganizations/{{ namespace }}/users/admin 
       orderersecretprefix: {{ vault.secret_path | default('secretsv2') }}/data/crypto/peerOrganizations/{{ namespace }}/orderer
       serviceaccountname: vault-auth

platforms/hyperledger-fabric/configuration/roles/helm_component/templates/value_peer.tpl

@@ -78,7 +78,11 @@ spec:
     vault:
       role: vault-role
       address: {{ vault.url }}
+{% if item.k8s.cluster_id is defined %}
+      authpath: {{ item.k8s.cluster_id }}{{ namespace }}-auth
+{% else %}
       authpath: {{ network.env.type }}{{ namespace }}-auth
+{% endif %}
       secretprefix: {{ vault.secret_path | default('secretsv2') }}/data/crypto/peerOrganizations/{{ namespace }}/peers/{{ peer_name }}.{{ namespace }}
       secretambassador: {{ vault.secret_path | default('secretsv2') }}/data/crypto/peerOrganizations/{{ namespace }}/ambassador
       serviceaccountname: vault-auth

platforms/hyperledger-fabric/configuration/roles/k8_component/templates/existing_peer_cli.tpl

@@ -9,7 +9,11 @@ storage:
 vault:
   role: vault-role
   address: {{ vault.url }}
+{% if org.k8s.cluster_id is defined %}
+  authpath: {{ org.k8s.cluster_id }}{{ component_ns }}-auth
+{% else %}
   authpath: {{ network.env.type }}{{ component_ns }}-auth
+{% endif %}
   adminsecretprefix: {{ vault.secret_path | default('secretsv2') }}/data/crypto/peerOrganizations/{{ component_ns }}/users/admin
   orderersecretprefix: {{ vault.secret_path | default('secretsv2') }}/data/crypto/peerOrganizations/{{ component_ns }}/orderer
   serviceaccountname: vault-auth

platforms/hyperledger-fabric/configuration/roles/k8_component/templates/orderer_cli.tpl

@@ -9,7 +9,11 @@ storage:
 vault:
   role: vault-role
   address: {{ vault.url }}
+{% if org.k8s.cluster_id is defined %}
+  authpath: {{ org.k8s.cluster_id }}{{ component_ns }}-auth
+{% else %}
   authpath: {{ network.env.type }}{{ component_ns }}-auth
+{% endif %}
   adminsecretprefix: {{ vault.secret_path | default('secretsv2') }}/data/crypto/ordererOrganizations/{{ component_ns }}/users/admin
   orderersecretprefix: {{ vault.secret_path | default('secretsv2') }}/data/crypto/ordererOrganizations/{{ component_ns }}/orderers/{{ orderer_component }}
   serviceaccountname: vault-auth