[fabric] Update adding a new channel (#2452)

Primary Changes -------------- 1.Update adding a new channel playbook to be compatible with version 2.5.4 2.Fixed the bug with elimination of ServiceAccount and ClusterRoleBinding Modifications ----------------------- docs/source/archive/certificates/fabric.md platforms/hyperledger-fabric/charts/fabric-osnadmin-channel-create platforms/hyperledger-fabric/configuration/add-new-channel.yaml platforms/hyperledger-fabric/configuration/roles/create/channel_artifacts platforms/hyperledger-fabric/configuration/roles/create/genesis platforms/hyperledger-fabric/configuration/roles/create/new_orderer platforms/hyperledger-fabric/configuration/roles/create/new_organization/orderer_org/syschannel platforms/hyperledger-fabric/configuration/roles/create/orderers platforms/hyperledger-fabric/configuration/roles/create/osnchannels platforms/hyperledger-fabric/configuration/roles/create/refresh_certs/create_channel_block platforms/hyperledger-fabric/configuration/roles/delete/vault_secrets platforms/hyperledger-fabric/configuration/roles/upgrade/application-capabilities/tasks/orderer-group/update_block_orderer.yaml platforms/hyperledger-fabric/configuration/roles/upgrade/orderer-binary platforms/hyperledger-fabric/configuration/roles/upgrade/orderer-capabilities platforms/shared/configuration/roles/create/shared_helm_component/templates/vault_kubernetes_job.tpl fixes #2439 #2443 Signed-off-by: mgCepeda <marina.gomez.cepeda@accenture.com>
hyperledger-bevel · Dec 18, 2023 · 34601fd · 34601fd
1 parent 6b0a83f
commit 34601fd
Show file tree

Hide file tree

Showing 19 changed files with 142 additions and 55 deletions.
diff --git a/docs/source/archive/certificates/fabric.md b/docs/source/archive/certificates/fabric.md
@@ -12,7 +12,7 @@ Certificate Paths on Vault for Fabric Network
 
 | Path                                                                       | Key (for Vault)                  | Type        |
 |-----------------------------------------------------------------------------------------------------------|-------------------------------------|-------------|
-| /secretsv2/crypto/ordererOrganizations/                                                                      | genesisBlock         | Genesis     |
+| /secretsv2/crypto/ordererOrganizations/`channel_name`                                                                      | genesisBlock         | Genesis     |
 
 ### For each orderer organization
 

diff --git a/platforms/hyperledger-fabric/charts/fabric-osnadmin-channel-create/templates/configmap.yaml b/platforms/hyperledger-fabric/charts/fabric-osnadmin-channel-create/templates/configmap.yaml
@@ -36,7 +36,7 @@ data:
 apiVersion: v1
 kind: ConfigMap
 metadata:
-  name: genesis-block
+  name: {{ $.Values.channel.name }}-genesis-block
   namespace: {{ $.Values.metadata.namespace }}
   labels:
     app.kubernetes.io/name: genesis-block

diff --git a/...yperledger-fabric/charts/fabric-osnadmin-channel-create/templates/osn_create_channel.yaml b/...yperledger-fabric/charts/fabric-osnadmin-channel-create/templates/osn_create_channel.yaml
@@ -48,7 +48,7 @@ spec:
       {{- if not $.Values.add_orderer }}
       - name: genesis
         configMap:
-          name: genesis-block
+          name: {{ $.Values.channel.name }}-genesis-block
           items:
             - key: genesis.block.base64
               path: genesis.block.base64

diff --git a/platforms/hyperledger-fabric/configuration/add-new-channel.yaml b/platforms/hyperledger-fabric/configuration/add-new-channel.yaml
@@ -25,25 +25,6 @@
         path: "./build"
         state: absent
 
-    # Setup Vault-Kubernetes accesses and Regcred for docker registry
-    - name: Setup Vault Kubernetes for each organization
-      include_role: 
-        name: "{{ playbook_dir }}/../../shared/configuration/roles/setup/vault_kubernetes"
-      vars:
-        name: "{{ org.name | lower }}"
-        component_name: "{{ org.name | lower }}-vaultk8s-job"
-        component_type: "{{ org.type | lower }}"
-        component_ns: "{{ org.name | lower }}-net"
-        component_auth: "{{ network.env.type }}{{ org.name | lower }}-net-auth"
-        policy_type: "fabric"
-        kubernetes: "{{ org.k8s }}"
-        vault: "{{ org.vault }}"
-        gitops: "{{ org.gitops }}"
-        reset_path: "platforms/hyperledger-fabric/configuration"
-      loop: "{{ network['organizations'] }}"
-      loop_control:
-        loop_var: org       
-
     # Create generate_crypto script for each organization
     - include_role:
         name: "create/crypto_script"
@@ -73,6 +54,16 @@
       loop: "{{ network['channels'] }}"
       when: item.channel_status == 'new'
 
+    - name: "Create genesis block"
+      include_role: 
+        name: "create/genesis"
+      vars:
+        build_path: "./build"
+        genesis: "{{ item.genesis }}"
+        channel_name: "{{ item.channel_name | lower }}"
+      loop: "{{ network['channels'] }}"
+      when: item.channel_status == 'new' and '2.5.' in network.version
+
     # This role creates the value file for creating channel from creator organization
     # to the vault.
     - include_role:
@@ -82,7 +73,18 @@
         participants: "{{ item.participants }}"
         docker_url: "{{ network.docker.url }}"
       loop: "{{ network['channels'] }}"
-      when: item.channel_status == 'new'
+      when: item.channel_status == 'new' and ('2.2.' in network.version or '1.4.' in network.version)
+
+    # This role creates the value file for creating channel from creator organization
+    # to the vault.
+    - name: Create all create-channel jobs
+      include_role:
+        name: "create/osnchannels"
+      vars:
+        build_path: "./build"
+        docker_url: "{{ network.docker.url }}"
+      loop: "{{ network['channels'] }}"
+      when: item.channel_status == 'new' and '2.5.' in network.version
 
     # This role creates the value file for joining channel from each participating peer
     # to the vault.
@@ -111,3 +113,4 @@
     install_os: "linux"                 #Default to linux OS
     install_arch:  "amd64"              #Default to amd64 architecture
     bin_install_dir:  "~/bin"            #Default to /bin install directory for binaries
+    add_new_org: 'false'                # Default to false as this is for main network creation
diff --git a/...edger-fabric/configuration/roles/create/channel_artifacts/tasks/fetch_orderers_certs.yaml b/...edger-fabric/configuration/roles/create/channel_artifacts/tasks/fetch_orderers_certs.yaml
@@ -0,0 +1,43 @@
+
+# Fetch msp files from Vault 
+- name: Check if orderers tls certs already created
+  shell: |
+    vault kv get -field=server.crt {{ organization.vault.secret_path | default('secretsv2') }}/crypto/ordererOrganizations/{{ organization.name | lower }}-net/orderers/{{ orderer.name }}.{{ organization.name | lower }}-net/tls > server.crt
+    mkdir -p ./build/crypto-config/ordererOrganizations/{{ organization.name | lower }}-net/orderers/{{ orderer.name }}.{{ organization.name | lower }}-net/tls
+    mv server.crt ./build/crypto-config/ordererOrganizations/{{ organization.name | lower }}-net/orderers/{{ orderer.name }}.{{ organization.name | lower }}-net/tls
+  environment:
+    VAULT_ADDR: "{{ organization.vault.url }}"
+    VAULT_TOKEN: "{{  organization.vault.root_token }}"   
+  loop: "{{ orderers }}"
+  loop_control:
+    loop_var: orderer
+
+# Fetch msp files from Vault 
+- name: Check if msp admincerts already created
+  shell: |
+    vault kv get -field=admincerts {{ organization.vault.secret_path | default('secretsv2') }}/crypto/ordererOrganizations/{{ organization.name | lower }}-net/users/admin/msp > Admin@{{ organization.name | lower }}-net-cert.pem
+    mkdir -p ./build/crypto-config/ordererOrganizations/{{ organization.name | lower }}-net/msp/admincerts/
+    mv Admin@{{ organization.name | lower }}-net-cert.pem ./build/crypto-config/ordererOrganizations/{{ organization.name | lower }}-net/msp/admincerts/
+  environment:
+    VAULT_ADDR: "{{ organization.vault.url }}"
+    VAULT_TOKEN: "{{ organization.vault.root_token }}"   
+
+# Fetch msp files from Vault 
+- name: Check if msp cacerts already created
+  shell: |
+    vault kv get -field=cacerts {{ organization.vault.secret_path | default('secretsv2') }}/crypto/ordererOrganizations/{{ organization.name | lower }}-net/users/admin/msp > ca-{{ organization.name | lower }}-net-{{ organization.services.ca.grpc.port }}.pem
+    mkdir -p ./build/crypto-config/ordererOrganizations/{{ organization.name | lower }}-net/msp/cacerts/
+    mv ca-{{ organization.name | lower }}-net-{{ organization.services.ca.grpc.port }}.pem ./build/crypto-config/ordererOrganizations/{{ organization.name | lower }}-net/msp/cacerts/
+  environment:
+    VAULT_ADDR: "{{ organization.vault.url }}"
+    VAULT_TOKEN: "{{ organization.vault.root_token }}"   
+
+# Fetch msp files from Vault 
+- name: Check if msp tlscacerts already created
+  shell: |
+    vault kv get -field=tlscacerts {{ organization.vault.secret_path | default('secretsv2') }}/crypto/ordererOrganizations/{{ organization.name | lower }}-net/users/admin/msp > ca-{{ organization.name | lower }}-net-{{ organization.services.ca.grpc.port }}.pem
+    mkdir -p ./build/crypto-config/ordererOrganizations/{{ organization.name | lower }}-net/msp/tlscacerts/
+    mv ca-{{ organization.name | lower }}-net-{{ organization.services.ca.grpc.port }}.pem ./build/crypto-config/ordererOrganizations/{{ organization.name | lower }}-net/msp/tlscacerts/
+  environment:
+    VAULT_ADDR: "{{ organization.vault.url }}"
+    VAULT_TOKEN: "{{ organization.vault.root_token }}"   
diff --git a/platforms/hyperledger-fabric/configuration/roles/create/channel_artifacts/tasks/main.yaml b/platforms/hyperledger-fabric/configuration/roles/create/channel_artifacts/tasks/main.yaml
@@ -26,6 +26,18 @@
     state: directory
   register: tmp_directory
 
+# Fetch orderers files from Vault
+- name: "Check if orderers certs already created"
+  include_tasks: fetch_orderers_certs.yaml
+  vars:
+    orderers: "{{ organization.services.orderers }}"
+  loop: "{{ network['organizations'] }}"
+  loop_control:
+    loop_var: organization    
+  when:
+    - fetch_certs == 'true' and '2.5.' in network.version
+    - organization.name == item.osn_creator_org.name
+
 # Fetch msp files from Vault 
 - name: Check if msp admincerts already created
   vars:
@@ -81,7 +93,7 @@
   loop: "{{ item['participants'] }}"
   loop_control:
     loop_var: organization    
-  when: fetch_certs == 'true'     
+  when: fetch_certs == 'true'
 
 ############################################################################################
 # Fetch the configtx gen tar file from the mentioned URL

diff --git a/platforms/hyperledger-fabric/configuration/roles/create/genesis/tasks/main.yaml b/platforms/hyperledger-fabric/configuration/roles/create/genesis/tasks/main.yaml
@@ -4,30 +4,37 @@
 #  SPDX-License-Identifier: Apache-2.0
 ##############################################################################################
 
+############################################################################################
+# Create the channel-artifacts folder
+- name: "Creating channel-artifacts folder"
+  file:
+    path: "{{ build_path }}/channel-artifacts"
+    state: directory
+
 # Remove old genesis block
 - name: Remove old genesis block
   file:
-    path: "{{ build_path }}/channel-artifacts/genesis.block"
+    path: "{{ build_path }}/channel-artifacts/{{ channel_name }}.genesis.block"
     state: absent
 
 # Create the genesis block by consuming the configtx.yaml file
 - name: "Create genesis block"
   shell: |
     cd {{ build_path }}
     {% if '2.5' in network.version %}
-    ./configtxgen -profile {{ genesis.name }} -channelID {{ channel_name }} -outputBlock ./channel-artifacts/genesis.block
+    ./configtxgen -profile {{ genesis.name }} -channelID {{ channel_name }} -outputBlock ./channel-artifacts/{{ channel_name }}.genesis.block
     {% elif '2.2' in network.version %}
-    ./configtxgen -profile {{ genesis.name }} -channelID syschannel  -outputBlock ./channel-artifacts/genesis.block
+    ./configtxgen -profile {{ genesis.name }} -channelID syschannel  -outputBlock ./channel-artifacts/{{ channel_name }}.genesis.block
     {% else %}
-    ./configtxgen -profile {{ genesis.name }} -channelID syschannel -outputBlock ./channel-artifacts/genesis.block
+    ./configtxgen -profile {{ genesis.name }} -channelID syschannel -outputBlock ./channel-artifacts/{{ channel_name }}.genesis.block
     {% endif %}
-    cat ./channel-artifacts/genesis.block | base64 > ./channel-artifacts/genesis.block.base64
+    cat ./channel-artifacts/{{ channel_name }}.genesis.block | base64 > ./channel-artifacts/{{ channel_name }}.genesis.block.base64
   when: add_new_org == 'false'
 
 # Write genesis block to Vault
 - name: "Write genesis block to Vault"  
   shell: |
-    vault kv put {{ org.vault.secret_path | default('secretsv2') }}/crypto/ordererOrganizations/{{ org.name }}-net {{ network.env.type }}GenesisBlock=@{{build_path}}/channel-artifacts/genesis.block.base64
+    vault kv put {{ org.vault.secret_path | default('secretsv2') }}/crypto/ordererOrganizations/{{ org.name }}-net/{{ channel_name }} {{ network.env.type }}GenesisBlock=@{{build_path}}/channel-artifacts/{{ channel_name }}.genesis.block.base64
   environment:
     VAULT_ADDR: "{{ org.vault.url }}"
     VAULT_TOKEN: "{{ org.vault.root_token }}"

diff --git a/...ric/configuration/roles/create/new_orderer/create_syschannel_block/tasks/nested_main.yaml b/...ric/configuration/roles/create/new_orderer/create_syschannel_block/tasks/nested_main.yaml
@@ -100,13 +100,13 @@
 # This task creates the genesis block by consuming the latest config block
 - name: "Create genesis block"
   shell: |
-    cat {{ build_path }}/{{ channel_name }}_config_block.pb | base64 > {{ build_path }}/channel-artifacts/genesis.block.base64
+    cat {{ build_path }}/{{ channel_name }}_config_block.pb | base64 > {{ build_path }}/channel-artifacts/{{ channel_name }}.genesis.block.base64
   when: update_type == "tls"
 
 # add new genesis block to the vault
 - name: "Write genesis block to Vault"  
   shell: |
-    vault kv put {{ org.vault.secret_path | default('secretsv2') }}/crypto/ordererOrganizations/{{ component_ns }}  {{ network.env.type }}GenesisBlock="$(cat {{build_path}}/channel-artifacts/genesis.block.base64)"
+    vault kv put {{ org.vault.secret_path | default('secretsv2') }}/crypto/ordererOrganizations/{{ component_ns }}/{{ channel_name }}  {{ network.env.type }}GenesisBlock="$(cat {{build_path}}/channel-artifacts/{{ channel_name }}.genesis.block.base64)"
   environment:
     VAULT_ADDR: "{{ org.vault.url }}"
     VAULT_TOKEN: "{{ org.vault.root_token }}"
diff --git a/...figuration/roles/create/new_organization/orderer_org/syschannel/tasks/update_orderer.yaml b/...figuration/roles/create/new_organization/orderer_org/syschannel/tasks/update_orderer.yaml
@@ -68,7 +68,7 @@
     KUBECONFIG={{ kubernetes.config_file }} kubectl exec -n {{ component_ns }} ${PEER_CLI} -- peer channel update -f {{ channel_name }}_config_block.pb -o ${ORDERER_URL} -c {{ channel_name }} --tls --cafile ${ORDERER_CA}
     KUBECONFIG={{ kubernetes.config_file }} kubectl exec -n {{ component_ns }} ${PEER_CLI} -- peer channel fetch config {{ channel_name }}_config_block_latest.pb -o ${ORDERER_URL} -c {{ channel_name }} --tls --cafile ${ORDERER_CA}
     KUBECONFIG={{ kubernetes.config_file }} kubectl cp {{ component_ns }}/${PEER_CLI}:/opt/gopath/src/github.com/hyperledger/fabric/peer/{{ channel_name }}_config_block_latest.pb {{ build_path }}/{{ channel_name }}_config_block.pb
-    cat {{ build_path }}/{{ channel_name }}_config_block.pb | base64 > {{ build_path }}/channel-artifacts/genesis.block.base64
+    cat {{ build_path }}/{{ channel_name }}_config_block.pb | base64 > {{ build_path }}/channel-artifacts/{{ channel_name }}.genesis.block.base64
   environment:
     ORDERER_CA: "/opt/gopath/src/github.com/hyperledger/fabric/crypto/orderer/tls/ca.crt"
     ORDERER_URL: "{{ orderer.ordererAddress }}"
@@ -82,7 +82,7 @@
     KUBECONFIG={{ kubernetes.config_file }} kubectl exec -n {{ component_ns }} ${PEER_CLI} -- peer channel update -f {{ channel_name }}_config_block.pb -o ${ORDERER_URL} -c {{ channel_name }} --tls --cafile ${ORDERER_CA}
     KUBECONFIG={{ kubernetes.config_file }} kubectl exec -n {{ component_ns }} ${PEER_CLI} -- peer channel fetch config {{ channel_name }}_config_block_latest.pb -o ${ORDERER_URL} -c {{ channel_name }} --tls --cafile ${ORDERER_CA}
     KUBECONFIG={{ kubernetes.config_file }} kubectl cp {{ component_ns }}/${PEER_CLI}:/opt/gopath/src/github.com/hyperledger/fabric/peer/{{ channel_name }}_config_block_latest.pb {{ build_path }}/{{ channel_name }}_config_block.pb
-    cat {{ build_path }}/{{ channel_name }}_config_block.pb | base64 > {{ build_path }}/channel-artifacts/genesis.block.base64
+    cat {{ build_path }}/{{ channel_name }}_config_block.pb | base64 > {{ build_path }}/channel-artifacts/{{ channel_name }}.genesis.block.base64
   environment:
     ORDERER_CA: "/opt/gopath/src/github.com/hyperledger/fabric/crypto/orderer/tls/ca.crt"
     ORDERER_URL: "{{ orderer.name | lower }}.{{ component_ns }}:{{ orderer.grpc.port }}"
@@ -93,7 +93,7 @@
 # This task saves the new genesis block to the vault
 - name: Save the genesis block to vault 
   shell: |
-    vault kv put {{ neworg.vault.secret_path | default('secretsv2') }}/crypto/ordererOrganizations/{{ neworg.name }}-net {{ network.env.type }}GenesisBlock="$(cat {{build_path}}/channel-artifacts/genesis.block.base64)"
+    vault kv put {{ neworg.vault.secret_path | default('secretsv2') }}/crypto/ordererOrganizations/{{ neworg.name }}-net/{{ channel_name }} {{ network.env.type }}GenesisBlock="$(cat {{build_path}}/channel-artifacts/{{ channel_name }}.genesis.block.base64)"
   environment:
     VAULT_ADDR: "{{ neworg.vault.url }}"
     VAULT_TOKEN: "{{ neworg.vault.root_token }}"
diff --git a/platforms/hyperledger-fabric/configuration/roles/create/orderers/tasks/main.yaml b/platforms/hyperledger-fabric/configuration/roles/create/orderers/tasks/main.yaml
@@ -8,12 +8,20 @@
 # This role creates value file for zkKafka and orderer
 #############################################################################################
 
+
+
+# Set Variable channel_name
+- name: "Set Variable channel_name"
+  set_fact:
+    channel_name: "{{ network['channels'] | map(attribute='channel_name') | first | lower }}"
+  when: item.type == 'orderer' and ('2.2.' in network.version or '1.4.' in network.version)
+
 # Fetch the genesis block from vault to the build directory
 - name: Fetch the genesis block from vault
   shell: |
-    vault kv get -field={{ network.env.type }}GenesisBlock {{ item.vault.secret_path | default('secretsv2') }}/crypto/ordererOrganizations/{{ item.name | lower }}-net > genesis.block.base64
+    vault kv get -field={{ network.env.type }}GenesisBlock {{ item.vault.secret_path | default('secretsv2') }}/crypto/ordererOrganizations/{{ item.name | lower }}-net > {{ channel_name}}.genesis.block.base64
     mkdir -p ./build/channel-artifacts
-    mv genesis.block.base64 ./build/channel-artifacts/
+    mv {{ channel_name}}.genesis.block.base64 ./build/channel-artifacts/
   environment:
     VAULT_ADDR: "{{ vault.url }}"
     VAULT_TOKEN: "{{ vault.root_token }}"
@@ -60,7 +68,7 @@
     component_name: "{{ orderer.name }}-{{ org_name }}"
     type: "orderers"
     consensus: "{{component_services.consensus}}"
-    genesis: "{{ lookup('file', '{{ build_path }}/channel-artifacts/genesis.block.base64') }}"
+    genesis: "{{ lookup('file', '{{ build_path }}/channel-artifacts/{{ channel_name}}.genesis.block.base64') }}"
   loop: "{{ component_services.orderers }}"
   loop_control:
     loop_var: orderer

diff --git a/platforms/hyperledger-fabric/configuration/roles/create/osnchannels/tasks/main.yaml b/platforms/hyperledger-fabric/configuration/roles/create/osnchannels/tasks/main.yaml
@@ -16,6 +16,7 @@
   include_tasks: valuefile.yaml
   vars:
     org_creator_channels: "{{ item.osn_creator_org.name }}"
+    channel_name: "{{ item.channel_name | lower }}"
   loop: "{{ network['organizations'] }}"
   loop_control:
     loop_var: org

diff --git a/platforms/hyperledger-fabric/configuration/roles/create/osnchannels/tasks/valuefile.yaml b/platforms/hyperledger-fabric/configuration/roles/create/osnchannels/tasks/valuefile.yaml
@@ -17,17 +17,17 @@
     orderer_kubeconfig: "{{ org.k8s.config_file }}"
     orderer_context: "{{ org.k8s.context }}"
 
-# Reset ca-tools pod
-- name: "Reset ca-tools pod"
+# Reset osn-createchannel pod
+- name: "Reset osn-createchannel pod"
   include_role:
     name: create/refresh_certs/reset_pod
   vars:
-    pod_name: "osn-createchannel-{{item.channel_name|lower}}"
-    file_path: "{{playbook_dir}}/../../../{{org.gitops.release_dir}}/{{ org.name | lower }}/{{ org.name | lower }}/{{item.channel_name|lower}}.yaml"
+    pod_name: "osn-createchannel-{{ channel_name }}"
+    file_path: "{{playbook_dir}}/../../../{{org.gitops.release_dir}}/{{ org.name | lower }}/{{ org.name | lower }}/{{ channel_name }}.yaml"
     gitops_value: "{{ org.gitops }}"
     component_ns: "{{ org.name | lower }}-net"
     kubernetes: "{{ org.k8s }}"
-    hr_name: "channel-{{ org.name | lower }}-{{item.channel_name|lower}}"
+    hr_name: "channel-{{ org.name | lower }}-{{ channel_name }}"
   when: add_orderer is defined and add_orderer == 'true'
 
 # Create the value file for creator Organization
@@ -37,7 +37,7 @@
   vars:
     name: "{{ org.name | lower }}"
     type: "osn_create_channel_job"
-    component_name: "{{item.channel_name|lower}}"
+    component_name: "{{ channel_name }}"
     component_ns: "{{ org.name | lower}}-net"
     git_protocol: "{{ org.gitops.git_protocol }}"
     git_url: "{{ org.gitops.git_url }}"
@@ -46,7 +46,7 @@
     vault: "{{ org.vault }}"
     k8s: "{{ org.k8s }}"
     orderers_list: "{{ org.services.orderers }}"
-    genesis: "{{ lookup('file', '{{ build_path }}/channel-artifacts/genesis.block.base64') }}"
+    genesis: "{{ lookup('file', '{{ build_path }}/channel-artifacts/{{ channel_name }}.genesis.block.base64') }}"
     values_dir: "{{playbook_dir}}/../../../{{org.gitops.release_dir}}/{{ org.name | lower }}"
     add_orderer_value: "{{ add_orderer | default('false') }}"
   when: add_orderer is not defined or add_orderer == false
@@ -58,7 +58,7 @@
   vars:
     name: "{{ org.name | lower }}"
     type: "osn_create_channel_job"
-    component_name: "{{item.channel_name|lower}}"
+    component_name: "{{ channel_name }}"
     component_ns: "{{ org.name | lower}}-net"
     git_protocol: "{{ org.gitops.git_protocol }}"
     git_url: "{{ org.gitops.git_url }}"
@@ -87,7 +87,6 @@
   include_role:
     name: "{{ playbook_dir }}/../../shared/configuration/roles/check/helm_component"
   vars:
-    channel_name: "{{ item.channel_name | lower }}"
     component_type: "Job"
     namespace: "{{ org.name | lower}}-net"
     component_name: "osn-createchannel-{{ channel_name }}"

diff --git a/...dger-fabric/configuration/roles/create/refresh_certs/create_channel_block/tasks/main.yaml b/...dger-fabric/configuration/roles/create/refresh_certs/create_channel_block/tasks/main.yaml
@@ -40,12 +40,12 @@
 # Create the genesis block by consuming the latest config block
 - name: "Create genesis block"
   shell: |
-    cat {{ build_path }}/{{ sys_channel_name }}_config_block.pb | base64 > {{ build_path }}/channel-artifacts/genesis.block.base64
+    cat {{ build_path }}/{{ sys_channel_name }}_config_block.pb | base64 > {{ build_path }}/channel-artifacts/{{ channel.channel_name | lower }}.genesis.block.base64
 
 # Add new genesis block to the vault
 - name: "Write genesis block to Vault"
   shell: |
-    vault kv put {{ org.vault.secret_path | default('secretsv2') }}/crypto/ordererOrganizations/{{ component_ns }}  {{ network.env.type }}GenesisBlock="$(cat {{build_path}}/channel-artifacts/genesis.block.base64)"
+    vault kv put {{ org.vault.secret_path | default('secretsv2') }}/crypto/ordererOrganizations/{{ component_ns }}/{{ channel.channel_name | lower }}  {{ network.env.type }}GenesisBlock="$(cat {{build_path}}/channel-artifacts/{{ channel.channel_name | lower }}.genesis.block.base64)"
   environment:
     VAULT_ADDR: "{{ org.vault.url }}"
     VAULT_TOKEN: "{{ org.vault.root_token }}"