Coverage focused testcases

.github/workflows/build.yaml

@@ -123,8 +123,9 @@ jobs:
           VAULT_AWS_KEY: ${{ secrets.INTEGRATIONTEST_VAULT_AWS_KEY }}
           VAULT_AWS_SECRET: ${{ secrets.INTEGRATIONTEST_VAULT_AWS_SECRET }}
           VAULT_AWS_REGION: ${{ secrets.INTEGRATIONTEST_VAULT_AWS_REGION }}
-          VAULT_AWS_PKH_TZ2: ${{ secrets.INTEGRATIONTEST_VAULT_AWS_TZ2 }}
-          VAULT_AWS_PKH_TZ3: ${{ secrets.INTEGRATIONTEST_VAULT_AWS_TZ3 }}
+          VAULT_AWS_TZ2: ${{ secrets.INTEGRATIONTEST_VAULT_AWS_TZ2 }}
+          VAULT_AWS_TZ3: ${{ secrets.INTEGRATIONTEST_VAULT_AWS_TZ3 }}
+          VAULT_AWS_TZ3_PK: ${{ secrets.INTEGRATIONTEST_VAULT_AWS_TZ3_PK }}
           VAULT_AZ_CLIENTCERTTHUMB: ${{ secrets.INTEGRATIONTEST_VAULT_AZ_CLIENTCERTTHUMB }}
           VAULT_AZ_CLIENTID: ${{ secrets.INTEGRATIONTEST_VAULT_AZ_CLIENTID }}
           VAULT_AZ_RESGROUP: ${{ secrets.INTEGRATIONTEST_VAULT_AZ_RESGROUP }}
@@ -134,6 +135,7 @@ jobs:
           VAULT_AZ_VAULT: ${{ secrets.INTEGRATIONTEST_VAULT_AZ_VAULT }}
           VAULT_AZ_TZ2: ${{ secrets.INTEGRATIONTEST_VAULT_AZ_TZ2 }}
           VAULT_AZ_TZ3: ${{ secrets.INTEGRATIONTEST_VAULT_AZ_TZ3 }}
+          VAULT_AZ_TZ3_PK: ${{ secrets.INTEGRATIONTEST_VAULT_AZ_TZ3_PK }}
           VAULT_GCP_PROJECTID: ${{ secrets.INTEGRATIONTEST_VAULT_GCP_PROJECTID }}
           VAULT_GCP_PRIVATEKEYID: ${{ secrets.INTEGRATIONTEST_VAULT_GCP_PRIVATEKEYID }}
           VAULT_GCP_PRIVATEKEY: ${{ secrets.INTEGRATIONTEST_VAULT_GCP_PRIVATEKEY }}
@@ -143,6 +145,7 @@ jobs:
           VAULT_GCP_KEYRING: ${{ secrets.INTEGRATIONTEST_VAULT_GCP_KEYRING }}
           VAULT_GCP_LOCATION: ${{ secrets.INTEGRATIONTEST_VAULT_GCP_LOCATION }}
           VAULT_GCP_TZ3: ${{ secrets.INTEGRATIONTEST_VAULT_GCP_TZ3 }}
+          VAULT_GCP_TZ3_PK: ${{ secrets.INTEGRATIONTEST_VAULT_GCP_TZ3_PK }}
         run: >
          cd integration_test;
          export ARCH=amd64;

integration_test/.env.vaults

@@ -2,8 +2,9 @@ export VAULT_AWS_USER=${{ secrets.INTEGRATIONTEST_VAULT_AWS_USER }}
 export VAULT_AWS_KEY=${{ secrets.INTEGRATIONTEST_VAULT_AWS_KEY }}
 export VAULT_AWS_SECRET=${{ secrets.INTEGRATIONTEST_VAULT_AWS_SECRET }}
 export VAULT_AWS_REGION=${{ secrets.INTEGRATIONTEST_VAULT_AWS_REGION }}
-export VAULT_AWS_PKH_TZ2=${{ secrets.INTEGRATIONTEST_VAULT_AWS_TZ2 }}
-export VAULT_AWS_PKH_TZ3=${{ secrets.INTEGRATIONTEST_VAULT_AWS_TZ3 }}
+export VAULT_AWS_TZ2=${{ secrets.INTEGRATIONTEST_VAULT_AWS_TZ2 }}
+export VAULT_AWS_TZ3=${{ secrets.INTEGRATIONTEST_VAULT_AWS_TZ3 }}
+export VAULT_AWS_TZ3_PK=${{ secrets.INTEGRATIONTEST_VAULT_AWS_TZ3_PK }}
 
 export VAULT_AZ_CLIENTCERTTHUMB=${{ secrets.INTEGRATIONTEST_VAULT_AZ_CLIENTCERTTHUMB }}
 export VAULT_AZ_CLIENTID=${{ secrets.INTEGRATIONTEST_VAULT_AZ_CLIENTID }}
@@ -14,6 +15,7 @@ export VAULT_AZ_TENANTID=${{ secrets.INTEGRATIONTEST_VAULT_AZ_TENANTID }}
 export VAULT_AZ_VAULT=${{ secrets.INTEGRATIONTEST_VAULT_AZ_VAULT }}
 export VAULT_AZ_TZ2=${{ secrets.INTEGRATIONTEST_VAULT_AZ_TZ2 }}
 export VAULT_AZ_TZ3=${{ secrets.INTEGRATIONTEST_VAULT_AZ_TZ3 }}
+export VAULT_AZ_TZ3_PK=${{ secrets.INTEGRATIONTEST_VAULT_AZ_TZ3_PK }}
 
 export VAULT_GCP_PROJECTID=${{ secrets.INTEGRATIONTEST_VAULT_GCP_PROJECTID }}
 export VAULT_GCP_PRIVATEKEYID=${{ secrets.INTEGRATIONTEST_VAULT_GCP_PRIVATEKEYID }}
@@ -24,3 +26,4 @@ export VAULT_GCP_X509_URL=${{ secrets.INTEGRATIONTEST_VAULT_GCP_X509_URL }}
 export VAULT_GCP_KEYRING=${{ secrets.INTEGRATIONTEST_VAULT_GCP_KEYRING }}
 export VAULT_GCP_LOCATION=${{ secrets.INTEGRATIONTEST_VAULT_GCP_LOCATION }}
 export VAULT_GCP_TZ3=${{ secrets.INTEGRATIONTEST_VAULT_GCP_TZ3 }}
+export VAULT_GCP_TZ3_PK=${{ secrets.INTEGRATIONTEST_VAULT_GCP_TZ3_PK }}

integration_test/.tezos-client/public_key_hashs

@@ -2,4 +2,6 @@
   { "name": "bob", "value": "tz1aSkwEot3L2kmUvcoxzjMomb9mvBNuzFK6" },
   { "name": "opstest", "value": "tz1RKGhRF4TZNCXEfwyqZshGsVfrZeVU446B" },
   { "name": "opstest1", "value": "tz1R8HJMzVdZ9RqLCknxeq9w5rSbiqJ41szi" },
-  { "name": "speculos", "value": "tz1RVYaHiobUKXMfJ47F7Rjxx5tu3LC35WSA" } ]
+  { "name": "speculos", "value": "tz1RVYaHiobUKXMfJ47F7Rjxx5tu3LC35WSA" },
+  { "name": "tz2alias", "value": "tz2QPsZoZse4eeahhg5DdfnBDB4VbU1PwgxN" },
+  { "name": "tz4alias", "value": "tz4XXtsYav3fZz2FSDa7hcx4F8sh8SaDWNME" } ]

integration_test/.tezos-client/public_keys

@@ -22,4 +22,14 @@
     "value":
       { "locator":
           "http://signatory:6732/tz1RVYaHiobUKXMfJ47F7Rjxx5tu3LC35WSA",
-        "key": "edpktsKqhvR7kXbRWD7yDgLSD7PZUXvjLqf9SFscXhL52pUStF5nQp" } } ]
+        "key": "edpktsKqhvR7kXbRWD7yDgLSD7PZUXvjLqf9SFscXhL52pUStF5nQp" } },
+  { "name": "tz2alias",
+    "value":
+      { "locator":
+          "http://signatory:6732/tz2QPsZoZse4eeahhg5DdfnBDB4VbU1PwgxN",
+        "key": "sppk7cvVVMRRtYTdriTB6KQqpXZt9TUwSTcpMWq4FwpvG2eVZ56UuHP" } },
+  { "name": "tz4alias",
+    "value":
+      { "locator":
+          "http://signatory:6732/tz4XXtsYav3fZz2FSDa7hcx4F8sh8SaDWNME",
+        "key": "BLpk1nRV5SBB2QCxsiem5Neoywcizr3mkdp167HL1iKFgFvzPhKo4RSy7J8JBh2BgGgVYjNsRGwU" } } ]

integration_test/.tezos-client/secret_keys

@@ -7,4 +7,8 @@
   { "name": "opstest1",
     "value": "http://signatory:6732/tz1R8HJMzVdZ9RqLCknxeq9w5rSbiqJ41szi" },
   { "name": "speculos",
-    "value": "http://signatory:6732/tz1RVYaHiobUKXMfJ47F7Rjxx5tu3LC35WSA" } ]
+    "value": "http://signatory:6732/tz1RVYaHiobUKXMfJ47F7Rjxx5tu3LC35WSA" },
+  { "name": "tz2alias",
+    "value": "http://signatory:6732/tz2QPsZoZse4eeahhg5DdfnBDB4VbU1PwgxN" },
+  { "name": "tz4alias",
+    "value": "http://signatory:6732/tz4XXtsYav3fZz2FSDa7hcx4F8sh8SaDWNME" } ]

integration_test/README.md

@@ -30,6 +30,8 @@ echo $PAT |docker login ghcr.io -u <your_github_name> --password-stdin
 
 ## Running the tests
 
+The tests are run in a [github workflow](/.github/workflows/build.yaml) and so the workflow should be consulted to learn how to run the tests locally.  A more verbose explanation:
+
 ```sh
 cd integration_test
 ```

integration_test/addresstypes_test.go

@@ -0,0 +1,26 @@
+package integrationtest
+
+import (
+	"testing"
+
+	"github.com/stretchr/testify/require"
+)
+
+//there are enough existing integration tests using tz1 and tz3 addresses that it would be redundant to do so here
+
+func TestTz4(t *testing.T) {
+	//flextesa does not start when we try to use a tz4 bootstrap account, so, we have to fund it first
+	out, err := OctezClient("-w", "1", "transfer", "200", "from", "alice", "to", "tz4alias", "--burn-cap", "0.06425")
+	require.NoError(t, err)
+	require.Contains(t, string(out), "Operation successfully injected in the node")
+
+	out, err = OctezClient("-w", "1", "transfer", "100", "from", "tz4alias", "to", "alice", "--burn-cap", "0.06425")
+	require.NoError(t, err)
+	require.Contains(t, string(out), "Operation successfully injected in the node")
+}
+
+func TestTz2(t *testing.T) {
+	out, err := OctezClient("-w", "1", "transfer", "100", "from", "tz2alias", "to", "alice", "--burn-cap", "0.06425")
+	require.NoError(t, err)
+	require.Contains(t, string(out), "Operation successfully injected in the node")
+}

integration_test/cli_test.go

@@ -14,4 +14,101 @@ func TestCliList(t *testing.T) {
 	out, err := SignatoryCli("list")
 	assert.Nil(t, err)
 	require.Contains(t, string(out), "tz1VSUr8wwNhLAzempoch5d6hLRiTh8Cjcjb")
+	require.Contains(t, string(out), "tz2QPsZoZse4eeahhg5DdfnBDB4VbU1PwgxN")
+	require.Contains(t, string(out), "tz3Y2TkhTYG6MfPsijGfHFqBYrLCfwYb6HRB")
+	require.Contains(t, string(out), "tz4XXtsYav3fZz2FSDa7hcx4F8sh8SaDWNME")
+}
+
+func TestCliUsage(t *testing.T) {
+	out, err := SignatoryCli()
+	assert.Nil(t, err)
+	require.Contains(t, string(out), "Usage:")
+	require.Contains(t, string(out), "signatory-cli [command]")
+	require.Contains(t, string(out), "completion    Generate the autocompletion script for the specified shell")
+	require.Contains(t, string(out), "help          Help about any command")
+	require.Contains(t, string(out), "import        Import Tezos private keys (edsk..., spsk..., p2sk...)")
+	require.Contains(t, string(out), "ledger        Ledger specific operations")
+	require.Contains(t, string(out), "list          List public keys")
+	require.Contains(t, string(out), "list-ops      Print possible operation types inside the `generic` request")
+	require.Contains(t, string(out), "list-requests Print possible request types")
+	require.Contains(t, string(out), "version       Show signatory image version/release (short alias 'v')")
+}
+
+// If/when Issue #425 is fixed, this test will break.  to fix it, leverage the function in this package named "getAllOps"
+func TestCliListOps(t *testing.T) {
+	out, err := SignatoryCli("list-ops")
+	assert.Nil(t, err)
+	require.Contains(t, string(out), "Possible operation types:")
+	require.Contains(t, string(out), "- activate_account")
+	require.Contains(t, string(out), "- ballot")
+	require.Contains(t, string(out), "- delegation")
+	require.Contains(t, string(out), "- double_baking_evidence")
+	require.Contains(t, string(out), "- double_endorsement_evidence")
+	require.Contains(t, string(out), "- double_preendorsement_evidence")
+	require.Contains(t, string(out), "- drain_delegate")
+	require.Contains(t, string(out), "- endorsement")
+	require.Contains(t, string(out), "- endorsement_with_slot")
+	require.Contains(t, string(out), "- failing_noop")
+	require.Contains(t, string(out), "- increase_paid_storage")
+	require.Contains(t, string(out), "- origination")
+	require.Contains(t, string(out), "- preendorsement")
+	require.Contains(t, string(out), "- proposals")
+	require.Contains(t, string(out), "- register_global_constant")
+	require.Contains(t, string(out), "- reveal")
+	require.Contains(t, string(out), "- seed_nonce_revelation")
+	require.Contains(t, string(out), "- set_deposits_limit")
+	require.Contains(t, string(out), "- transaction")
+	require.Contains(t, string(out), "- update_consensus_key")
+	require.Contains(t, string(out), "- vdf_revelation")
+}
+
+func TestCliListRequests(t *testing.T) {
+	out, err := SignatoryCli("list-requests")
+	assert.Nil(t, err)
+	require.Contains(t, string(out), "Possible request types:")
+	require.Contains(t, string(out), "- block")
+	require.Contains(t, string(out), "- endorsement")
+	require.Contains(t, string(out), "- generic")
+	require.Contains(t, string(out), "- preendorsement")
+}
+
+func TestCliHelp(t *testing.T) {
+	usage, err := SignatoryCli()
+	assert.Nil(t, err)
+	help, err := SignatoryCli("help")
+	assert.Nil(t, err)
+	require.Contains(t, string(help), string(usage))
+}
+
+func TestCliLedgerUsage(t *testing.T) {
+	out, err := SignatoryCli("ledger")
+	assert.Nil(t, err)
+	require.Contains(t, string(out), "Ledger specific operations")
+	require.Contains(t, string(out), "Usage:")
+	require.Contains(t, string(out), "signatory-cli ledger [command]")
+	require.Contains(t, string(out), "Available Commands:")
+	require.Contains(t, string(out), "deauthorize-baking  Deuthorize a key")
+	require.Contains(t, string(out), "get-high-watermark  Get high water mark")
+	require.Contains(t, string(out), "get-high-watermarks Get all high water marks and chain ID")
+	require.Contains(t, string(out), "list                List connected Ledgers")
+	require.Contains(t, string(out), "set-high-watermark  Set high water mark")
+	require.Contains(t, string(out), "setup-baking        Authorize a key for baking")
+	require.Contains(t, string(out), "Use \"signatory-cli ledger [command] --help\" for more information about a command.")
+}
+
+func TestCliLedgerList(t *testing.T) {
+	out, err := SignatoryCli("ledger", "-t", "tcp://speculos:9999", "list")
+	assert.Nil(t, err)
+	require.Contains(t, string(out), "Path:  		speculos:9999")
+	require.Contains(t, string(out), "ID:")
+	require.Contains(t, string(out), "Version:")
+}
+
+func TestCliVersion(t *testing.T) {
+	v, err := SignatoryCli("v")
+	assert.Nil(t, err)
+	require.Contains(t, string(v), "Release Version: ")
+	require.Greater(t, len(v), len("Release Version: ")+4)
+	version, err := SignatoryCli("version")
+	require.Equal(t, v, version)
 }

integration_test/cover.sh

@@ -0,0 +1,14 @@
+#!/bin/bash
+
+#this script is used on a test developer's workstation to get coverage info
+#it works on macos
+
+rm -f covraw.txt
+go tool covdata textfmt -i=./coverage -o covraw.txt
+sed -i '' 's/\/go\/src\/github.com/github.com/g' covraw.txt
+rm -f cov.txt
+go tool cover -func covraw.txt -o cov.txt
+cat cov.txt
+rm -f cov.html
+go tool cover -html covraw.txt -o cov.html
+open cov.html

integration_test/flextesa.sh

@@ -7,6 +7,8 @@ export bob="$(flextesa key bob)"
 export speculos="speculos,edpktsKqhvR7kXbRWD7yDgLSD7PZUXvjLqf9SFscXhL52pUStF5nQp,tz1RVYaHiobUKXMfJ47F7Rjxx5tu3LC35WSA,unencrypted:edskRuZGqmXodGDghUhpHV5mfcmfEpA46FLs5kY6QBbyzpfb9JQEwpvrumBroTJ9iyHcY8PKdRAusCLPf7vDRVXhfN8WHE5r8m"
 export b0="$(flextesa key bootacc-0)"
 export user1="user1,edpkvNSVE2pL4eaCYrew1NEuLi4nnYmwQfe4tdM4NoVgNMEoVCNGoW,tz1QgHGuotVTCmYtA2Mr83FdiWLbwKqUvdnp,unencrypted:edsk3bNBh8s1eovydiRv6YitZHQpBkcS9s9ATQHRZfUQxUKcFU9Mh7"
+export tz2alias="tz2alias,sppk7cvVVMRRtYTdriTB6KQqpXZt9TUwSTcpMWq4FwpvG2eVZ56UuHP,tz2QPsZoZse4eeahhg5DdfnBDB4VbU1PwgxN,unencrypted:spsk1XYsTqUsd7LaLs9a8qpmCvLVJeLEZEXkeAZS5dwcKgUZhv3cYw"
+#export tz4alias="tz4alias,BLpk1nRV5SBB2QCxsiem5Neoywcizr3mkdp167HL1iKFgFvzPhKo4RSy7J8JBh2BgGgVYjNsRGwU,tz4XXtsYav3fZz2FSDa7hcx4F8sh8SaDWNME,unencrypted:BLsk1XMDG3iepYGj15mBWc7dYjrkpVVM4VH3y5DyBCN9iAGrELwRbY"
 
 root_path=/tmp/mini-box
 
@@ -20,9 +22,11 @@ flextesa mini-net \
          --add-bootstrap-account="$speculos@2_000_000_000_000" \
          --add-bootstrap-account="$bob@2_000_000_000_000" \
          --add-bootstrap-account="$user1@2_000_000_000_000" \
+         --add-bootstrap-account="$tz2alias@2_000_000_000_000" \
          --no-daemons-for=alice \
          --no-daemons-for=bob \
          --no-daemons-for=speculos \
          --no-daemons-for=user1 \
+         --no-daemons-for=tz2alias \
          --until-level 200_000_000 \
          --protocol-kind "$protocol"

integration_test/http.go

@@ -0,0 +1,77 @@
+package integrationtest
+
+import (
+	"bytes"
+	"encoding/json"
+	"fmt"
+	"io"
+	"net/http"
+	"strings"
+)
+
+type SignSuccessResponse struct {
+	Signature string `json:"signature"`
+}
+
+type SignFailureResponse struct {
+	Id   string `json:"id"`
+	Kind string `json:"kind"`
+	Msg  string `json:"msg"`
+}
+
+func RequestSignature(pkh string, body string) (int, []byte) {
+	url := "http://localhost:6732/keys/" + pkh
+	reqbody := strings.NewReader(body)
+	client := &http.Client{}
+	req, err := http.NewRequest(http.MethodPost, url, reqbody)
+	if err != nil {
+		panic(err)
+	}
+	resp, err := client.Do(req)
+	if err != nil {
+		panic(err)
+	}
+	defer resp.Body.Close()
+	bytes, err := io.ReadAll(resp.Body)
+	if err != nil {
+		panic(err)
+	}
+	return resp.StatusCode, bytes
+}
+
+type GetKeySuccessResponse struct {
+	PublicKey string `json:"public_key"`
+}
+
+func getPublicKey(pkh string) (int, []byte) {
+	url := "http://localhost:6732/keys/" + pkh
+	client := &http.Client{}
+	req, err := http.NewRequest(http.MethodGet, url, nil)
+	if err != nil {
+		panic(err)
+	}
+	resp, err := client.Do(req)
+	if err != nil {
+		panic(err)
+	}
+	defer resp.Body.Close()
+	bytes, err := io.ReadAll(resp.Body)
+	if err != nil {
+		panic(err)
+	}
+	return resp.StatusCode, bytes
+}
+
+func GetPublicKey(pkh string) string {
+	code, message := getPublicKey(pkh)
+	if code != 200 {
+		panic("GetPublicKey: http return code " + fmt.Sprint(code))
+	}
+	var r GetKeySuccessResponse
+	dec := json.NewDecoder(bytes.NewReader(message))
+	err := dec.Decode(&r)
+	if err != nil {
+		panic("GetPublicKey: error decoding json response: " + err.Error())
+	}
+	return r.PublicKey
+}

integration_test/signatory-local-secret.json

@@ -18,5 +18,13 @@
   { 
     "name": "baker",
     "value": "unencrypted:edsk3REH79xaoCkNizrDo8cY4WYwEkrFLTAdjb1pjcP9yQora4qE3Y" 
-  }    
+  },
+  { 
+    "name": "tz2alias",
+    "value": "unencrypted:spsk1XYsTqUsd7LaLs9a8qpmCvLVJeLEZEXkeAZS5dwcKgUZhv3cYw" 
+  },
+  { 
+    "name": "tz4alias",
+    "value": "unencrypted:BLsk1XMDG3iepYGj15mBWc7dYjrkpVVM4VH3y5DyBCN9iAGrELwRbY" 
+  }     
 ]

integration_test/signatory.yaml

@@ -75,3 +75,18 @@ tezos:
     allow:
       generic:
         - transaction
+
+  #tz2
+  tz2QPsZoZse4eeahhg5DdfnBDB4VbU1PwgxN:
+    log_payloads: true
+    allow:
+      generic:
+        - transaction
+
+  #tz4
+  tz4XXtsYav3fZz2FSDa7hcx4F8sh8SaDWNME:
+    log_payloads: true
+    allow:
+      generic:
+        - transaction
+        - reveal