update integration test readme (#355)

* update integration test readme

* readme feedback incorporated

* remove Log.Fatal and improve logging on fail

* revert to Mumbai. change to Nairobi was a mistake - tests with chainID in them break there

* Update README.md

integration_test/README.md

@@ -1,25 +1,66 @@
-# Integration test
+## Integration test
 
-The test ensures that Signatory can perform an authenticated sign operations
-while assisting `octez-client`.
+The tests in this folder use a docker compose file to orchestrate the starting of `Signatory`, `flextesa` and `tezos` containers.  
 
-From the project tree root
+The version of Signatory that is run is defined by an environment variable named `IMAGE`.
+
+The `octez-client` that is run by the tests is provided by the `tezos` container, not the `octez-client` that is onboard the `flextesa` image, so that official `tezos` image releases can be used.  The version of `tezos` container is defined by an environment variable named `OCTEZ_VERSION`.
+
+Currently, it is always the `latest` version of the `flextesa` image that is run by the tests, which protocol the testnet runs is defined in the script `flextesa.sh`
+
+## Pulling the images
+
+Pre-release Signatory images are available in [github container registry](https://github.com/ecadlabs/signatory/pkgs/container/signatory)
+Official image releases are available in [dockerhub](https://hub.docker.com/r/ecadlabs/signatory/tags)
+If you get a 404 from the github container registry, you can request access from an admin.
+
+### Github container registry authentication setup
+
+If this is your first time pulling an image from github packages, then you'll need to configure a [Personal Access Token PAT (classic)](https://github.com/settings/tokens). The only access you should grant the PAT is `read:packages`.  With that token as the value of env var `$PAT`, you can now login:
+
+```sh
+echo $PAT |docker login ghcr.io -u <your_github_name> --password-stdin
+```
+
+## Running the tests
+
+Pull the images for the version and architecture that suit your needs from [flextesa](https://hub.docker.com/r/oxheadalpha/flextesa/tags), [tezos](https://hub.docker.com/r/tezos/tezos/tags), [signatory (pre-release)](https://github.com/ecadlabs/signatory/pkgs/container/signatory/versions), or [signatory (release)](https://hub.docker.com/r/ecadlabs/signatory/tags)
+
+Example:
+
+```sh
+export SIGY_IMAGE=ghcr.io/ecadlabs/signatory:main-arm64
+export OCTEZ_VERSION=arm64_v17.0-beta1
+docker pull oxheadalpha/flextesa:latest
+docker pull tezos/tezos:$OCTEZ_VERSION
+docker pull $SIGY_IMAGE
+```
+
+Next, start the stack:
+
+```sh
+cd integration_test
+IMAGE=$SIGY_IMAGE OCTEZ_VERSION=$OCTEZ_VERSION docker compose up -d --wait
+```
+
+Run all the tests:
 
 ```sh
-docker build --no-cache -t signatory-test -f ./integration_test/Dockerfile .
-docker run --rm  -e 'ENV_NODE_ADDR={...}' -e 'ENV_SECRET_KEY={...}' signatory-test
+IMAGE=$SIGY_IMAGE OCTEZ_VERSION=$OCTEZ_VERSION go test ./...
 ```
 
-where `ENV_NODE_ADDR` is the name of a testnet node example: https://ghostnet.ecadinfra.com
-and `ENV_SECRET_KEY` is an unencrypted private key of an implicit, funded account on the testnet
-the private key of alice can be used: edsk3QoqBuvdamxouPhin7swCvkQNgq4jP5KZPbwWNnwdZpSpJiEbq
+Or, just run a single test:
 
-## Environment variables
+```sh
+IMAGE=$SIGY_IMAGE OCTEZ_VERSION=$OCTEZ_VERSION go test -run ^TestOperationAllowPolicy
+```
+
+Stop the stack when you are done:
+
+```sh
+IMAGE=$SIGY_IMAGE OCTEZ_VERSION=$OCTEZ_VERSION docker compose down
+```
 
-| Name               | Default value                   | Description                                                         |
-| ------------------ | ------------------------------- | ------------------------------------------------------------------- |
-| ENV_SECRET_KEY     |                                 | Private key in Tezos Base58 format.                                 |
-| ENV_NODE_ADDR      | https://ghostnet.ecadinfra.com  | Testnet node                                                        |
+## Notes to the operator
 
-## Add new testnet endpoint in Github CI
-To add a new testnet to the `testnet_endpoints` list in `.github/workflows/integration-tests.yaml` we also need to make sure to fund the wallet `tz3NxnbanoQ9hyn3wcxZ3q9XGCaNSvmARv3Z` with some XTZ on the new testnet
+Some tests in this folder make edits to `signatory.yaml` configuration and restart the Signatory service. By design, tests that do this shall clean up after themselves by restoring the copy of the file that is in the code repository.  If `git status` after a test run shows you have modifications to the `signatory.yaml` file, then that would mean a test is failing to clean up after itself and should be corrected.

integration_test/config.go

@@ -1,7 +1,6 @@
 package integrationtest
 
 import (
-	"log"
 	"os"
 
 	yaml "gopkg.in/yaml.v3"
@@ -50,10 +49,10 @@ func (c *Config) Read(file string) error {
 func (c *Config) Write(file string) error {
 	yamlFile, err := yaml.Marshal(c)
 	if err != nil {
-		log.Fatal(err)
+		panic(err)
 	}
 	if err = os.WriteFile(file, yamlFile, 0644); err != nil {
-		log.Fatal(err)
+		panic(err)
 	}
 
 	return nil

integration_test/octezclient.go

@@ -1,7 +1,6 @@
 package integrationtest
 
 import (
-	"log"
 	"os/exec"
 )
 
@@ -17,7 +16,7 @@ func delete_wallet_lock() {
 	var args = []string{"exec", "octez", "rm", "-f", "/home/tezos/.tezos-client/wallet_lock"}
 	out, err := exec.Command(cmd, args...).CombinedOutput()
 	if err != nil {
-		log.Fatal("Failed to delete wallet lock: " + string(out))
+		panic("Failed to delete wallet lock: " + string(out))
 	}
 }
 
@@ -26,6 +25,6 @@ func delete_contracts_aliases() {
 	var args = []string{"exec", "octez", "rm", "-f", "/home/tezos/.tezos-client/contracts"}
 	out, err := exec.Command(cmd, args...).CombinedOutput()
 	if err != nil {
-		log.Fatal("Failed to delete contracts: " + string(out))
+		panic("Failed to delete contracts: " + string(out))
 	}
 }

integration_test/operationkinds_test.go

@@ -103,7 +103,7 @@ func TestOperationAllowPolicy(t *testing.T) {
 			//first, do any setup steps that have to happen before the operation to be tested
 			for _, setupOp := range test.testSetupOps {
 				out, err := OctezClient(setupOp...)
-				require.NoError(t, err)
+				assert.NoError(t, err)
 				require.Contains(t, string(out), "Operation successfully injected in the node")
 			}
 

integration_test/service.go

@@ -1,47 +1,46 @@
 package integrationtest
 
 import (
-	"log"
 	"os/exec"
 )
 
 func restart_signatory() {
 	_, err := exec.Command("docker", "compose", "-f", "./docker-compose.yml", "stop", "signatory").CombinedOutput()
 	if err != nil {
-		log.Fatal("failed to stop signatory")
+		panic("failed to stop signatory")
 	}
 	_, err = exec.Command("docker", "compose", "-f", "./docker-compose.yml", "up", "-d", "--wait", "signatory").CombinedOutput()
 	if err != nil {
-		log.Fatal("failed to start signatory during restart")
+		panic("failed to start signatory during restart")
 	}
 }
 
 func backup_then_update_config(c Config) {
 	_, err := exec.Command("cp", "signatory.yaml", "signatory.original.yaml").CombinedOutput()
 	if err != nil {
-		log.Fatal("failed to backup config")
+		panic("failed to backup config")
 	}
 	err = c.Write("signatory.yaml")
 	if err != nil {
-		log.Fatal("failed to write new config")
+		panic("failed to write new config")
 	}
 }
 
 func restore_config() {
 	_, err := exec.Command("mv", "signatory.original.yaml", "signatory.yaml").CombinedOutput()
 	if err != nil {
-		log.Fatal("failed to restore original config")
+		panic("failed to restore original config")
 	}
 	restart_signatory()
 }
 
 func restart_stack() {
 	_, err := exec.Command("docker", "compose", "-f", "./docker-compose.yml", "kill").CombinedOutput()
 	if err != nil {
-		log.Fatal("failed to kill stack")
+		panic("failed to kill stack")
 	}
 	_, err = exec.Command("docker", "compose", "-f", "./docker-compose.yml", "up", "-d", "--wait").CombinedOutput()
 	if err != nil {
-		log.Fatal("failed to up stack")
+		panic("failed to up stack")
 	}
 }