manage

#!/bin/bash
# set -x

# Set of valid agents - add new agents here
export VALID_AGENTS=$(ls aries-backchannels/*/Dockerfile.* | sed "s/^.*file.//" |  tr "\n" " " | sort -u)

export MSYS_NO_PATHCONV=1
# getDockerHost; for details refer to https://github.com/bcgov/DITP-DevOps/tree/main/code/snippets#getdockerhost
. /dev/stdin <<<"$(cat <(curl -s --raw https://raw.githubusercontent.com/bcgov/DITP-DevOps/main/code/snippets/getDockerHost))" 
export DOCKERHOST=$(getDockerHost)

SCRIPT_HOME="$( cd "$( dirname "$0" )" && pwd )"
export COMPOSE_PROJECT_NAME="${COMPOSE_PROJECT_NAME:-aath}"
export AGENT_TIMEOUT=30
export LEDGER_TIMEOUT=60
# these two can be overrode via env vars
export LEDGER_URL_CONFIG="${LEDGER_URL_CONFIG}"
export TAILS_SERVER_URL_CONFIG="${TAILS_SERVER_URL_CONFIG}"
export AGENT_CONFIG_FILE="${AGENT_CONFIG_FILE}"

# these are derived from the above two
LEDGER_URL_HOST="${LEDGER_URL_CONFIG:-http://localhost:9000}"
LEDGER_URL_INTERNAL="${LEDGER_URL_CONFIG:-http://${DOCKERHOST}:9000}"
TAILS_SERVER_URL_HOST="${TAILS_SERVER_URL_CONFIG:-http://localhost:6543}"
TAILS_SERVER_URL_INTERNAL="${TAILS_SERVER_URL_CONFIG:-http://${DOCKERHOST}:6543}"
CLOUD_AGENCY_URL="${CLOUD_AGENCY_URL:-http://localhost:8000}"
# important: inside the internal URLs, we replace "://localhost:" with "://${DOCKERHOST}:"
#   so it works inside docker.
LEDGER_URL_INTERNAL="$(echo ${LEDGER_URL_INTERNAL} | sed "s/:\/\/localhost:/:\/\/${DOCKERHOST}:/" )"
TAILS_SERVER_URL_INTERNAL="$(echo ${TAILS_SERVER_URL_INTERNAL} | sed "s/:\/\/localhost:/:\/\/${DOCKERHOST}:/" )"
CLOUD_AGENCY_URL_INTERNAL="$(echo ${CLOUD_AGENCY_URL} | sed "s/:\/\/localhost:/:\/\/${DOCKERHOST}:/" )"

# Running on Windows?
if [[ "$OSTYPE" == "msys" ]]; then
  # Prefix interactive terminal commands ...
  terminalEmu="winpty"
fi

export INTERACTIVE="-it"
if [[ "$NO_TTY" == "1" ]]; then
  unset INTERACTIVE
fi

#Running on Play with Docker?
if [ "${PWD_HOST_FQDN}" != "" ]; then
  if [ "${PWD_HOST_FQDN}" == "labs.play-with-docker.com" ]; then
    export ETH_CONFIG="eth1"
  elif [ "${PWD_HOST_FQDN}" == "play-with-docker.vonx.io" ]; then
    export ETH_CONFIG="eth0"
  else
    export ETH_CONFIG="eth0"
  fi
  myhost=`ifconfig ${ETH_CONFIG} | grep inet | cut -d':' -f2 | cut -d' ' -f1 | sed 's/\./\-/g'`
  if [ "${GENESIS_URL}" == "" ]; then
    export GENESIS_URL="http://ip${myhost}-${SESSION_ID}-9000.direct.${PWD_HOST_FQDN}/genesis"
  fi
  # Check if von-network is running
  # Should this be moved out of the Play with Docker section?
  if [ "${1}" == "run" ]; then
    curl -s ${GENESIS_URL} > /dev/null
    res=$?
    if test "$res" != "0"; then
      echo "Error: Unable to find the genesis file for the Indy Network"
      echo "Is von-network running?"
      echo GENESIS_URL: ${GENESIS_URL}
      exit 1
    fi
  fi
fi

# =================================================================================================================
# Usage:
# -----------------------------------------------------------------------------------------------------------------
usage () {
  cat <<-EOF

  Usage: $0 [command] [options]

  Commands:

  build [ -a agent ]* args
    Build the docker images for the agents and the test harness.
      You need to do this first.
      - "agent" must be one from the supported list: ${VALID_AGENTS}
      - multiple agents may be built by specifying multiple -a options
      - By default, all agents and the harness will be built

  rebuild [ -a agent ]* args
    Same as build, but adds the --no-cache option to force building from scratch

  run [ -a/b/f/m/d agent ] [-r allure [-e comparison]] [ -i <ini file> ] [ -o <output file> ] [ -n ] [ -v <AIP level> ] [ -t tags ]*
    Run the tagged tests using the specified agents for Acme, Bob, Faber and Mallory.
      Select the agents for the roles of Acme (-a), Bob (-b), Faber (-f) and Mallory (-m).
      - For all to be set to the same, use "-d" for default.
      - The value for agent must be one of: ${VALID_AGENTS}
      Use -t option(s) to indicate tests with the gives tag(s) are to be executed.
        -t options can NOT have spaces, even if the option is quoted; use a behave INI file instead (-i option)
        For not running tagged tests, specify a ~ before the tag, e.g. "-t ~@wip" runs tests that don't have the "@wip" tag
      Use -v to specify the AIP level, in case the agent needs to customize its startup configuration
        "-v 10" or "-v 20"
      Use the -i option to use the specified file as the behave.ini file for the run
      - Default is the behave.ini file in the "aries-test-harness" folder
      Use the -r option to output to allure
        (allure is the only supported option)
      Use the -e option to compare current results to Known Good Results (KGR)
        (comparison is the only supported option)
      Use the -n option to start ngrok endpoints for each agent
        (this is *required* when testing with a Mobile agent)

    Examples:
    $0 run -a acapy -b vcx -f vcx -m acapy  - Run all the tests using the specified agents per role
    $0 run -d vcx                           - Run all tests for all features using the vcx agent in all roles
    $0 run -d acapy -t @SmokeTest -t @P1    - Run the tests tagged @SmokeTest and/or @P1 (priority 1) using all ACA-Py agents
    $0 run -d acapy -b mobile -n -t @MobileTest  - Run the mobile tests using ngrok endpoints

  tags - Get a list of the tags on the features tests

  tests - Get a list of the test scenarios in the features, including the associated tags

  test [-r allure [-e comparison]] [ -i <ini file> ] [ -o <output file> ] [ -n ] [ -v <AIP level> ] [ -t tags ]*
    Run the tagged tests using the set of agents that were started with the 'start' command, using all the same parameters as 'run',
    except -a/b/f/m/d/n.

  scenarios - synonym for tests, but longer and harder to spell

  service [start|stop|logs|clean] service-name
    Run the given service command on the given service. Commands:
      - start: start the service, creating the AATH docker network if necessary.
      - stop: stop the service, deleting the AATH docker network if it's now unused.
      - logs: print the scrolling logs of the service. Ctrl-C to exit.
      - clean: clean up the service containers and build files, if any.

  start [ -a/b/f/m/d agent ]* [-n]
    Initialize the test harness using the specified agents for Acme, Bob, Faber and Mallory.
      Select the agents for the roles of Acme (-a), Bob (-b), Faber (-f) and Mallory (-m).
      - For all to be set to the same, use "-d" for default.
      - The value for agent must be one of: ${VALID_AGENTS}
    Use the -n option to start ngrok endpoints for each agent
        (this is *required* when testing with a Mobile agent)

  stop - stop the test harness.

  rebuild - Rebuild the docker images.

  dockerhost - Print the ip address of the Docker Host Adapter as it is seen by containers running in docker.
EOF
exit 1
}

# -----------------------------------------------------------------------------------------------------------------
# Functions:
# -----------------------------------------------------------------------------------------------------------------

toLower() {
  echo $(echo ${@} | tr '[:upper:]' '[:lower:]')
}

function echoRed (){
  _msg="${@}"
  _red='\e[31m'
  _nc='\e[0m' # No Color
  echo -e "${_red}${_msg}${_nc}"
}

function initDockerBuildArgs() {
  dockerBuildArgs=""

  # HTTP proxy, prefer lower case
  if [[ "${http_proxy}" ]]; then
    dockerBuildArgs=" ${dockerBuildArgs} --build-arg http_proxy=${http_proxy}"
  else
    if [[ "${HTTP_PROXY}" ]]; then
      dockerBuildArgs=" ${dockerBuildArgs} --build-arg http_proxy=${HTTP_PROXY}"
    fi
  fi

  # HTTPS proxy, prefer lower case
  if [[ "${https_proxy}" ]]; then
    dockerBuildArgs=" ${dockerBuildArgs} --build-arg https_proxy=${https_proxy}"
  else
    if [[ "${HTTPS_PROXY}" ]]; then
      dockerBuildArgs=" ${dockerBuildArgs} --build-arg https_proxy=${HTTPS_PROXY}"
    fi
  fi

  echo ${dockerBuildArgs}
}

function initEnv() {

  if [ -f .env ]; then
    while read line; do
      if [[ ! "$line" =~ ^\# ]] && [[ "$line" =~ .*= ]]; then
        export ${line//[$'\r\n']}
      fi
    done <.env
  fi

  for arg in "$@"; do
    # Remove recognized arguments from the list after processing.
    shift
    case "$arg" in
      *=*)
        export "${arg}"
        ;;
      *)
        # If not recognized, save it for later procesing ...
        set -- "$@" "$arg"
        ;;
    esac
  done

  export LOG_LEVEL=${LOG_LEVEL:-info}
  export RUST_LOG=${RUST_LOG:-warning}
}

# TODO: set up image builds so you don't need to use `./manage rebuild` to refresh remote source repo
# - image Dockerfile has an ARG for the commit hash,
# - build script grabs the HEAD commit hash from the agent's github repo

# Build images -- add more backchannels here...
# TODO: Define args to build only what's needed
buildImages() {
  args=${@}

  echo Agents to build: ${BUILD_AGENTS}

  for agent in ${BUILD_AGENTS}; do
    export BACKCHANNEL_FOLDER=$(dirname "$(find aries-backchannels -name *.${agent})" )
    echo Backchannel Folder: ${BACKCHANNEL_FOLDER}
    if [ -e "${BACKCHANNEL_FOLDER}/Dockerfile.${agent}" ]; then
      echo "Building ${agent}-agent-backchannel ..."
      local REPO_ARGS
      REPO_ARGS=
      if [[ -f "${BACKCHANNEL_FOLDER}/${agent}.repoenv" ]]; then
        source "${BACKCHANNEL_FOLDER}/${agent}.repoenv"
        if [[ -n "${REPO_URL}" ]]; then
          local REPO_COMMIT
          if [[ -z ${REPO_BRANCH} ]]; then
            REPO_BRANCH=HEAD
          fi
          REPO_COMMIT=$(git ls-remote ${REPO_URL} ${REPO_BRANCH} | cut -f1)
          REPO_ARGS="--build-arg REPO_URL=${REPO_URL} --build-arg REPO_COMMIT=${REPO_COMMIT}"
        fi
      fi

      if ! docker build \
        ${args} \
        $(initDockerBuildArgs) \
        ${REPO_ARGS} \
        -t "${agent}-agent-backchannel" \
        -f "${BACKCHANNEL_FOLDER}/Dockerfile.${agent}" "aries-backchannels/"; then
          echo "Docker image build failed."
          exit 1
      fi
    else
      echo "Unable to find Dockerfile to build agent: ${agent}"
      echo "Must be one one of: ${VALID_AGENTS}"
    fi
  done

  echo "Building aries-test-harness ..."
  if ! docker build \
    ${args} \
    $(initDockerBuildArgs) \
    -t 'aries-test-harness' \
    -f 'aries-test-harness/Dockerfile.harness' 'aries-test-harness/'; then
      echo "Docker image build failed."
      exit 1
  fi
}

pingLedger(){
  ledger_url=${1}

  # ping ledger web browser for genesis txns
  local rtnCd=$(curl -s --write-out '%{http_code}' --output /dev/null ${ledger_url}/genesis)
  if (( ${rtnCd} == 200 )); then
    return 0
  else
    return 1
  fi
}

waitForLedger(){
  (
    # Wait for ledger server to start ...
    local startTime=${SECONDS}
    local rtnCd=0
    printf "waiting for ledger to start"
    # use ledger URL from host
    while ! pingLedger "$LEDGER_URL_HOST"; do
      printf "."
      local duration=$(($SECONDS - $startTime))
      if (( ${duration} >= ${LEDGER_TIMEOUT} )); then
        echoRed "\nThe Indy Ledger failed to start within ${duration} seconds.\n"
        rtnCd=1
        break
      fi
      sleep 1
    done
    echo
    return ${rtnCd}
  )
}

pingTailsServer(){
  tails_server_url=${1}

  # ping tails server (ask for a non-existant registry and should return 404)
  local rtnCd=$(curl -s --write-out '%{http_code}' --output /dev/null ${tails_server_url}/404notfound)
  if (( ${rtnCd} == 404 )); then
    return 0
  else
    return 1
  fi
}

waitForTailsServer(){
  (
    # Wait for tails server to start ...
    local startTime=${SECONDS}
    local rtnCd=0
    printf "waiting for tails server to start"
    # use tails server URL from host
    while ! pingTailsServer "$TAILS_SERVER_URL_HOST"; do
      printf "."
      local duration=$(($SECONDS - $startTime))
      if (( ${duration} >= ${LEDGER_TIMEOUT} )); then
        echoRed "\nThe tails server failed to start within ${duration} seconds.\n"
        rtnCd=1
        break
      fi
      sleep 1
    done
    echo
    return ${rtnCd}
  )
}

pingCloudAgency(){
  cloud_agency_url=${1}

  local rtnCd=$(curl -s --write-out '%{http_code}' --output /dev/null ${cloud_agency_url})
  if (( ${rtnCd} == 200 )); then
    return 0
  else
    return 1
  fi
}

pingUniresolver(){

  # ping uniresolver server
  local rtnCd=$(curl -s --write-out '%{http_code}' --output /dev/null http://localhost:8080)
  if (( ${rtnCd} == 200 )); then
    return 0
  else
    return 1
  fi
}

waitForCloudAgency(){
  (
    # Wait for cloud agency to start ...
    local startTime=${SECONDS}
    local rtnCd=0
    printf "waiting for cloud agency to start"
    while ! pingCloudAgency "$CLOUD_AGENCY_URL"; do
      printf "."
      local duration=$(($SECONDS - $startTime))
      if (( ${duration} >= ${LEDGER_TIMEOUT} )); then
        echoRed "\nThe agency failed to start within ${duration} seconds.\n"
        rtnCd=1
        break
      fi
      sleep 1
    done
    echo
    return ${rtnCd}
  )
}

waitForUniresolver(){
  (
    # Wait for uniresolver to start ...
    local startTime=${SECONDS}
    local rtnCd=0
    printf "waiting for uniresolver to start"
    while ! pingUniresolver ; do
      printf "."
      local duration=$(($SECONDS - $startTime))
      if (( ${duration} >= ${LEDGER_TIMEOUT} )); then
        echoRed "\nUniversal Resolver failed to start within ${duration} seconds.\n"
        rtnCd=1
        break
      fi
      sleep 1
    done
    echo
    return ${rtnCd}
  )
}

startCloudAgency(){
    docker-compose -f ./aries-backchannels/aries-vcx/ci/docker-compose.yml up -d
}

dockerhost_url_templates() {
  # generate acapy plugin config file, writing $DOCKERHOST into URLs
  pushd ${SCRIPT_HOME}/aries-backchannels/acapy/ > /dev/null

  mkdir -p .build/acapy-main.data
  mkdir -p .build/acapy.data

  sed "s/REPLACE_WITH_DOCKERHOST/${DOCKERHOST}/g" plugin-config.template | tee > .build/plugin-config.yml

  rm -f .build/acapy-main.data/plugin-config.yml .build/acapy.data/plugin-config.yml
  cp .build/plugin-config.yml .build/acapy-main.data/plugin-config.yml
  mv .build/plugin-config.yml .build/acapy.data/plugin-config.yml

  popd > /dev/null
}

pingAgent(){
  name=${1}
  port=${2}

  # ping agent using a backchannel-exposed api
  rtnCd=$(curl -s --write-out '%{http_code}' --output /dev/null http://localhost:${port}/agent/command/status/)
  if (( ${rtnCd} == 200 )); then
    return 0
  else
    return 1
  fi
}

waitForAgent(){
  (
    name=${1}

    # Wait for agent to start ...
    local startTime=${SECONDS}
    rtnCd=0
    printf "waiting for ${name} agent to start"
    while ! pingAgent ${@}; do
      printf "."
      local duration=$(($SECONDS - $startTime))
      if (( ${duration} >= ${AGENT_TIMEOUT} )); then
        echoRed "\nThe agent failed to start within ${duration} seconds.\n"
        rtnCd=1
        break
      fi
      sleep 1
    done
    echo
    return ${rtnCd}
  )
}

startAgent() {
  local NAME=$1
  local CONTAINER_NAME=$2
  local IMAGE_NAME=$3
  local PORT_RANGE=$4
  local BACKCHANNEL_PORT=$5
  local AGENT_ENDPOINT_PORT=$6
  local AIP_CONFIG=$7
  local AGENT_NAME=$8

  local BACKCHANNEL_DIR=$(dirname "$(find aries-backchannels -name *.${AGENT_NAME})" )

  local ENV_PATH="$(find $BACKCHANNEL_DIR -name *${AGENT_NAME}.env)"
  local ENV_FILE_ARG=

  if [[ -n $ENV_PATH ]]; then
    ENV_FILE_ARG="--env-file=$ENV_PATH"
    # echo $ENV_FILE_ARG
  fi

  local DATA_VOLUME_PATH="$(find $BACKCHANNEL_DIR -wholename */${AGENT_NAME}.data)"
  local DATA_VOLUME_ARG=
  # optional data volume folder
  if [[ -n DATA_VOLUME_PATH  ]]; then
    DATA_VOLUME_ARG="-v $(pwd)/$DATA_VOLUME_PATH:/data-mount:z"
  fi

  if [ ! "$(docker ps -q -f name=$CONTAINER_NAME)" ]; then
    if [[ "${USE_NGROK}" = "true" ]]; then
      echo "Starting ngrok for ${NAME} Agent ..."
      if [[ "${IMAGE_NAME}" = "dotnet-agent-backchannel" ]]; then
        docker run -d --rm --name "${CONTAINER_NAME}-ngrok" wernight/ngrok ngrok http "${CONTAINER_NAME}:${BACKCHANNEL_PORT}" --log stdout > /dev/null
      else
        docker run -d --rm --name "${CONTAINER_NAME}-ngrok" wernight/ngrok ngrok http "${CONTAINER_NAME}:${AGENT_ENDPOINT_PORT}" --log stdout > /dev/null
      fi
      sleep 1
      export NGROK_NAME="${CONTAINER_NAME}-ngrok"
      docker network connect aath_network "${CONTAINER_NAME}-ngrok"
    else
      export NGROK_NAME=
    fi
    echo "Starting ${NAME} Agent using ${IMAGE_NAME} ..."
    export BACKCHANNEL_EXTRA_ARGS_NAME="BACKCHANNEL_EXTRA_${AGENT_NAME//-/_}"
    export BACKCHANNEL_EXTRA_ARGS=`echo ${!BACKCHANNEL_EXTRA_ARGS_NAME}`
    if [[ -z ${AGENT_CONFIG_FILE} ]]; then
      local container_id=$(docker run -dt --name "${CONTAINER_NAME}" --expose "${PORT_RANGE}" -p "${PORT_RANGE}:${PORT_RANGE}" ${DATA_VOLUME_ARG} ${ENV_FILE_ARG} -e "NGROK_NAME=${NGROK_NAME}" -e "EXTRA_ARGS=${BACKCHANNEL_EXTRA_ARGS}" -e "DOCKERHOST=${DOCKERHOST}" -e "AGENT_NAME=${NAME}" -e "LEDGER_URL=${LEDGER_URL_INTERNAL}" -e "TAILS_SERVER_URL=${TAILS_SERVER_URL_INTERNAL}" -e "CLOUD_AGENCY_URL=${CLOUD_AGENCY_URL_INTERNAL}" -e "AIP_CONFIG=${AIP_CONFIG}" "${IMAGE_NAME}" -p "${BACKCHANNEL_PORT}" -i false)
    else
      local container_id=$(docker run -dt --name "${CONTAINER_NAME}" --expose "${PORT_RANGE}" -p "${PORT_RANGE}:${PORT_RANGE}" ${DATA_VOLUME_ARG} ${ENV_FILE_ARG} -e "AGENT_CONFIG_FILE=${AGENT_CONFIG_FILE}" -e "NGROK_NAME=${NGROK_NAME}" -e "EXTRA_ARGS=${BACKCHANNEL_EXTRA_ARGS}" -e "DOCKERHOST=${DOCKERHOST}" -e "AGENT_NAME=${NAME}" -e "LEDGER_URL=${LEDGER_URL_INTERNAL}" -e "TAILS_SERVER_URL=${TAILS_SERVER_URL_INTERNAL}" -e "CLOUD_AGENCY_URL=${CLOUD_AGENCY_URL_INTERNAL}" -e "AIP_CONFIG=${AIP_CONFIG}" "${IMAGE_NAME}" -p "${BACKCHANNEL_PORT}" -i false)
    fi
    sleep 1
    if [[ "${USE_NGROK}" = "true" ]]; then
      docker network connect aath_network "${CONTAINER_NAME}"
    elif [[ "${AGENT_NAME}" = "afgo-master" || "${AGENT_NAME}" = "afgo-interop" ]]; then
      docker network connect aath_network "${CONTAINER_NAME}"
    fi
    if [[ "${IMAGE_NAME}" = "mobile-agent-backchannel" ]]; then
      echo "Tail-ing log files for ${NAME} agent in ${container_id}"
      docker logs -f ${container_id} &
    fi
  else
    echo "${NAME} Agent already running, skipping..."
  fi
}

writeEnvProperties() {
  ACME_VERSION=$(getAgentVersion 9020)
  BOB_VERSION=$(getAgentVersion 9030)
  FABER_VERSION=$(getAgentVersion 9040)
  MALLORY_VERSION=$(getAgentVersion 9050)

  env_file="$(pwd)/aries-test-harness/allure/allure-results/environment.properties"
  declare -a env_array
  env_array+=("role.acme=$ACME_AGENT")
  env_array+=("acme.agent.version=$ACME_VERSION")
  env_array+=("role.bob=$BOB_AGENT")
  env_array+=("bob.agent.version=$BOB_VERSION")
  env_array+=("role.faber=$FABER_AGENT")
  env_array+=("faber.agent.version=$FABER_VERSION")
  env_array+=("role.mallory=$MALLORY_AGENT")
  env_array+=("mallory.agent.version=$MALLORY_VERSION")
  printf "%s\n" "${env_array[@]}" > $env_file

}

getAgentVersion(){
  port=${1}
  # get agent version using a backchannel-exposed api
  version=$(curl -s http://localhost:${port}/agent/command/version/)
  echo "$version"
  # if (( ${rtnCd} == 200 )); then
  #   echo "$version"
  # else
  #   echo "unknown"
  # fi
}

createNetwork() {
  if [[ -z `docker network ls -q --filter "name=aath_network"` ]]; then
    docker network create aath_network > /dev/null
  fi
}

cleanupNetwork() {
  if [[ -z `docker ps -q --filter "network=aath_network"` && `docker network ls -q --filter "name=aath_network"` ]]; then
    docker network rm aath_network > /dev/null
  fi
}

auxiliaryService() {
  local SERVICE_NAME
  local SERVICE_COMMAND
  SERVICE_NAME=$1
  SERVICE_COMMAND=$2

  if [[ -f "./services/${SERVICE_NAME}/wrapper.sh" ]]; then
    (./services/${SERVICE_NAME}/wrapper.sh $SERVICE_COMMAND)
  else
    echo "service ${SERVICE_NAME} doesn't exist"
  fi
}

startServices() {
  # sets if services this procedure starts should be stopped automatically
  local AUTO_CLEANUP
  if [[ "auto" = $1 ]]; then
    AUTO_CLEANUP=true
  else
    AUTO_CLEANUP=false
  fi

  if [[ "all" = $1 ]]; then
    auxiliaryService orb start
  fi

  # if we're *not* using an external VON ledger, start the local one
  if [[ -z ${LEDGER_URL_CONFIG} ]]; then
    if [[ -z `docker ps -q --filter="name=von_webserver_1"` ]]; then
      echo "starting local von-network..."
      auxiliaryService von-network start
      if [[ $AUTO_CLEANUP ]]; then
        export STARTED_LOCAL_LEDGER=true
      fi
    fi
  fi

  if ! waitForLedger; then
    echoRed "\nThe Indy Ledger is not running.\n"
    exit 1
  fi

  if [[ -z `docker ps -q --filter="name=uni-resolver-web.local"` ]]; then
      echo "starting local uniresolver..."
    auxiliaryService uniresolver start
    if [[ $AUTO_CLEANUP ]]; then
      export STARTED_LOCAL_UNIRESOLVER=true
    fi
  fi

  # if we're *not* using an external indy tails server, start the local one
  if [[ -z ${TAILS_SERVER_URL_CONFIG} ]]; then
    if [[ -z `docker ps -q --filter="name=docker_tails-server_1"` ]]; then
      echo "starting local indy-tails-server..."
      auxiliaryService indy-tails start
      if [[ $AUTO_CLEANUP ]]; then
        export STARTED_LOCAL_TAILS=true
      fi
    fi
  fi

  if ! waitForTailsServer; then
    echoRed "\nThe Indy Tails Server is not running.\n"
    exit 1
  fi

  if ! waitForUniresolver; then
    echoRed "\nUniversal Resolver is not running.\n"
    exit 1
  fi
}

stopServices() {
  if [[ "auto" = $1 ]]; then
    if [[ ${STARTED_LOCAL_UNIRESOLVER} ]]; then
      echo "stopping local uniresolver..."
      auxiliaryService uniresolver stop
    fi

    if [[ ${STARTED_LOCAL_TAILS} ]]; then
      echo "stopping local indy-tails-server..."
      auxiliaryService indy-tails stop
    fi

    if [[ ${STARTED_LOCAL_LEDGER} ]]; then
      echo "stopping local von-network..."
      auxiliaryService von-network stop
    fi
  elif [[ "all" = $1 ]]; then
    auxiliaryService uniresolver stop
    auxiliaryService orb stop
    auxiliaryService indy-tails stop
    auxiliaryService von-network stop
  fi
}

serviceCommand() {
  local SERVICE_COMMAND
  SERVICE_COMMAND=$1
  local SERVICE_TARGET
  SERVICE_TARGET=$2

  # TODO: allow multiple services to be named - but can we handle logs command then?
  if [[ "all" = $SERVICE_TARGET ]]; then
    case "${SERVICE_COMMAND}" in
      start)
          createNetwork
          startServices all
        ;;
      stop)
          stopServices all
          cleanupNetwork
        ;;
      *)
          echo err: \'start\' and \'stop\' are only valid commands for target \'all\'
        ;;
    esac

    return
  fi

  case "${SERVICE_COMMAND}" in
    start)
        createNetwork
        auxiliaryService ${SERVICE_TARGET} ${SERVICE_COMMAND}
      ;;
    logs)
        auxiliaryService ${SERVICE_TARGET} ${SERVICE_COMMAND}
      ;;
    stop|clean)
        auxiliaryService ${SERVICE_TARGET} ${SERVICE_COMMAND}
        cleanupNetwork
      ;;
    *)
        auxiliaryService ${SERVICE_TARGET} ${SERVICE_COMMAND}
      ;;
  esac
}

startHarness(){
  echo Agents to be used:
  echo "  Acme - ${ACME}"
  echo "  Bob - ${BOB}"
  echo "  Faber - ${FABER}"
  echo "  Mallory - ${MALLORY}"
  echo ""

  createNetwork

  startServices auto

  # Only start cloud agency if vcx is in the agent list to run.
  if [[ "${ACME}" = "aries-vcx" ]] || [[ "${BOB}" = "aries-vcx" ]] || [[ "${MALLORY}" = "aries-vcx" ]] || [[ "${FABER}" = "aries-vcx" ]]; then
    startCloudAgency

    if ! waitForCloudAgency; then
      echoRed "\nThe cloud agency not running.\n"
      exit 1
    fi
  fi

  dockerhost_url_templates

  export AIP_CONFIG=${AIP_CONFIG:-10}

  # Only start agents that are asked for in the ./manage start command
  if [[ "$ACME" != "none" ]]; then
    export ACME_AGENT=${ACME_AGENT:-${ACME}-agent-backchannel}
    startAgent Acme acme_agent "$ACME_AGENT" "9020-9029" 9020 9021 "$AIP_CONFIG" "$ACME"
  fi
  if [[ "$BOB" != "none" ]]; then
    export BOB_AGENT=${BOB_AGENT:-${BOB}-agent-backchannel}
    startAgent Bob bob_agent "$BOB_AGENT" "9030-9039" 9030 9031 "$AIP_CONFIG" "$BOB"
  fi
  if [[ "$FABER" != "none" ]]; then
    export FABER_AGENT=${FABER_AGENT:-${FABER}-agent-backchannel}
    startAgent Faber faber_agent "$FABER_AGENT" "9040-9049" 9040 9041 "$AIP_CONFIG" "$FABER"
  fi
  if [[ "$MALLORY" != "none" ]]; then
    export MALLORY_AGENT=${MALLORY_AGENT:-${MALLORY}-agent-backchannel}
    startAgent Mallory mallory_agent "$MALLORY_AGENT" "9050-9059" 9050 9051 "$AIP_CONFIG" "$MALLORY"
  fi
  
  echo
  # Check if agents were successfully started. 
  if [[ "$ACME" != "none" ]]; then
    waitForAgent Acme 9020
  fi
  if [[ "$BOB" != "none" ]]; then
    waitForAgent Bob 9030
  fi
  if [[ "$FABER" != "none" ]]; then
    waitForAgent Faber 9040
  fi
  if [[ "$MALLORY" != "none" ]]; then
    waitForAgent Mallory 9050
  fi
  echo

  export PROJECT_ID=${PROJECT_ID:-general}

  echo
  # Allure Reports environment.properties file handling
  # Only do this if reporting parameter is passed. 
  if [[ "${REPORT}" = "allure" ]]; then
    writeEnvProperties
  fi
}

deleteAgents() {
    deleteAgent acme_agent
    deleteAgent bob_agent
    deleteAgent faber_agent
    deleteAgent mallory_agent
}

deleteAgent() {
    agent=$1
    docker rm -f $agent || 1
}

runTests() {
  runArgs=${@}

  if [[ "${TAGS}" ]]; then
      echo "Tags: ${TAGS}"
  else
      echo "No tags specified; all tests will be run."
  fi

  echo
  # Behave.ini file handling
  export BEHAVE_INI_TMP="$(pwd)/behave.ini.tmp"
  cp ${BEHAVE_INI} ${BEHAVE_INI_TMP}

  if [[ "${REPORT}" = "allure" ]]; then
      echo "Executing tests with Allure Reports."
      ${terminalEmu} docker run ${INTERACTIVE} --rm --network="host" -v ${BEHAVE_INI_TMP}:/aries-test-harness/behave.ini -v "$(pwd)/aries-test-harness/allure/allure-results:/aries-test-harness/allure/allure-results/" aries-test-harness -k ${runArgs} -f allure_behave.formatter:AllureFormatter -o ./allure/allure-results -f progress -D Acme=http://0.0.0.0:9020 -D Bob=http://0.0.0.0:9030 -D Faber=http://0.0.0.0:9040 -D Mallory=http://0.0.0.0:9050
  else
      ${terminalEmu} docker run ${INTERACTIVE} --rm --network="host" -v ${BEHAVE_INI_TMP}:/aries-test-harness/behave.ini aries-test-harness -k ${runArgs} -D Acme=http://0.0.0.0:9020 -D Bob=http://0.0.0.0:9030 -D Faber=http://0.0.0.0:9040 -D Mallory=http://0.0.0.0:9050
  fi
  local docker_result=$?
  rm ${BEHAVE_INI_TMP}

  # Export agent logs
  if [[ "${GITHUB_ACTIONS}" != "true" ]]; then
    echo ""
    echo "Exporting Agent logs."
    mkdir -p .logs
    docker logs acme_agent > .logs/acme_agent.log
    docker logs bob_agent > .logs/bob_agent.log
    docker logs faber_agent > .logs/faber_agent.log
    docker logs mallory_agent > .logs/mallory_agent.log

    if [[ "${USE_NGROK}" = "true" ]]; then
      echo "Exporting ngrok Agent logs."
      docker logs acme_agent-ngrok > .logs/acme_agent-ngrok.log
      docker logs bob_agent-ngrok > .logs/bob_agent-ngrok.log
      docker logs faber_agent-ngrok > .logs/faber_agent-ngrok.log
      docker logs mallory_agent-ngrok > .logs/mallory_agent-ngrok.log
    fi
  fi
}

stopIfExists(){
  local CONTAINER_NAME
  CONTAINER_NAME=$1
  local CONTAINER_ID
  CONTAINER_ID=`docker ps -q --filter "name=${CONTAINER_NAME}"`

  if [[ ${CONTAINER_ID} ]]; then
    docker stop ${CONTAINER_ID} > /dev/null
  fi
}

stopHarness(){
  echo "Cleanup:"
  echo "  - Shutting down all the agents ..."
  docker stop acme_agent bob_agent faber_agent mallory_agent > /dev/null
  docker rm -v acme_agent bob_agent faber_agent mallory_agent > /dev/null

  stopIfExists acme_agent-ngrok
  stopIfExists bob_agent-ngrok
  stopIfExists faber_agent-ngrok
  stopIfExists mallory_agent-ngrok

  printf "Done\n"

  if [[ "${REPORT}" = "allure" ]]; then
    if [[ "${REPORT_ERROR_TYPE}" = "comparison" ]]; then
      # TODO run the same_as_yesterday.py script and capture the result
      echo "Checking results vs KGR ..."
      ${terminalEmu} docker run ${INTERACTIVE} --rm -v "$(pwd)/aries-test-harness/allure/allure-results:/aries-test-harness/allure/allure-results/" --entrypoint /aries-test-harness/allure/same_as_yesterday.sh -e PROJECT_ID=${PROJECT_ID} aries-test-harness
      docker_result=$?
    fi
  fi

  stopServices auto

  cleanupNetwork

  if [ -n "${docker_result}" ] && [ ! "${docker_result}" = "0" ]; then
    echo "Exit with error code ${docker_result}"
    exit ${docker_result}
  fi
}

isAgent() {
  result=false

  for agent in ${VALID_AGENTS}; do
    if [[ "${1}" == "${agent}" ]]; then
        result=true
    fi
  done

  echo $result
}

printLetsEncryptWarning() {
  [ -n "${LetsEncryptWarningPrinted}" ] && return
  cat << EOWARN
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
>> WARNING
>> This applies to mobile testing using Android-Based digital wallet,
>> as far as we know.

If you are using a mobile/smartphone-based Wallet, the test harness is going to
make use of the https://ngrok.com/ infrastructure, generating url like this one
https://aabbccdd.ngrok.io

The Ngrok infrastructure makes use of a wildcard TLS certificate *.ngrok.io,
certified by Let's Encrypt (https://letsencrypt.org/).
However, some OS and platform are still making use of an expired root
certificate, namely "DST Root CA X3", which expired on September 30th 2021.
Ref: https://letsencrypt.org/docs/dst-root-ca-x3-expiration-september-2021

If:
- The wallet your are testing somehow never manages to establish a
  connection after scanning the first QR code.
Then:
- you might be facing this issue.

The solution is to disable the expired certificate into your android device
trusted certificate store.

Here's how: Of course, your mileage might vary depending on brand and device:

* The simplest way is to launch your setting application
  a. Use the search bar to find "certificate"-related entries
     (you can probably use a shorter substring)
  b. This should display a few entries, including something like
    Trusted Certificates (or the equivalent in your phone language)
  c. Selecting this should display two list of trusted certificates:
    the System ones and the ones input by the user
  d. Go to the System list of trusted certificates, and simply find the
    DST Root CA X3 in the sorted list
  e. Click on the certificate and deactivate it.

* If the search does not work for you, we are aware of two alternate ways
  to access the trusted certificates store, but again we cannot document for
  all brand/models

  * Either:
    Settings
    => Biometrics & security
    => Other security settings
    => View security certificates
  * Or:
    Settings
    => Security
    => Advanced
    => Encryption and Credentials
    => Trusted Certificates
  * Then go to step b. above to disable the faulty certificate.

Now, if the faulty certificate is not is your trust store, then you have
another issue, sorry.
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
EOWARN
LetsEncryptWarningPrinted=1
}

# -----------------------------------------------------------------------------------------------------------------
# Initialization:
# -----------------------------------------------------------------------------------------------------------------
# Command to run must be the first argument
COMMAND=$(toLower ${1})
shift

# Handle run args
if [[ "${COMMAND}" == "run" || "${COMMAND}" == "start" || "${COMMAND}" == "test" ]]; then
  ACME="none"
  BOB="none"
  FABER="none"
  MALLORY="none"
  TAGS=""
  BEHAVE_INI=aries-test-harness/behave.ini

  while getopts "hna:b:c:f:m:r:e:d:t:v:i:" FLAG; do
    case $FLAG in
        h ) usage ;;
        : ) usage ;;
        \? ) #unrecognized option - show help
        echo -e \\n"Invalid script option: -${OPTARG}"\\n
        usage
            ;;
        r ) export REPORT=${OPTARG}
            ;;
        e ) export REPORT_ERROR_TYPE=${OPTARG}
            ;;
        a ) export ACME=${OPTARG}
            ;;
        b ) export BOB=${OPTARG}
            ;;
        f ) export FABER=${OPTARG}
            ;;
        m ) export MALLORY=${OPTARG}
            ;;
        t ) export TAGS="${TAGS} --tags=${OPTARG}"
            ;;
        v ) export AIP_CONFIG=${OPTARG}
            ;;
        i ) export BEHAVE_INI=${OPTARG}
            ;;
        n ) export USE_NGROK="true"
            ;;
        d )
            export ACME=${OPTARG}
            export BOB=${OPTARG}
            export FABER=${OPTARG}
            export MALLORY=${OPTARG}
            ;;
    esac
  done
  shift $((OPTIND-1))

  if [[ "${COMMAND}" == "run" || "${COMMAND}" == "test" ]]; then
    for agent in ${ACME} ${BOB} ${FABER} ${MALLORY}; do
        if [[ $(isAgent $agent) == false ]] ; then
            echo All agents Acme, Bob, Faber and Mallory must be set to one of: ${VALID_AGENTS}.
            echo Use \"${0} help\" to get more information.
            exit 1
        fi
        if [ "$agent" == "mobile" ]; then
          printLetsEncryptWarning
        fi
    done

    if [ ! -f "${BEHAVE_INI}" ]; then
      echo Error - behave INI file does not exist: ${BEHAVE_INI}
      exit 1
    fi

    if [[ "$@" ]]; then
        echo "Other args:  $@"
    fi
  fi
fi

# Handle additional Build arguments
if [[ "${COMMAND}" == "build" || "${COMMAND}" == "rebuild" ]]; then

  while getopts "ha:" FLAG; do
    case $FLAG in
        h ) usage ;;
        : ) usage ;;
        \? ) #unrecognized option - show help
        set -- "$@" "$FLAG"
            ;;
        a ) export BUILD_AGENTS="${BUILD_AGENTS} ${OPTARG}"
            ;;
    esac
  done
  shift $((OPTIND-1))

  if [ "${BUILD_AGENTS}" == "" ]; then
     BUILD_AGENTS=${VALID_AGENTS}
  fi

  if [[ "${TAGS}" =~ "@Mobile" ]]; then
    printLetsEncryptWarning
  fi
fi

pushd ${SCRIPT_HOME} >/dev/null

case "${COMMAND}" in
  build)
      buildImages ${@} --platform linux/amd64
    ;;

  rebuild)
      buildImages --no-cache ${@} --platform linux/amd64
    ;;

  run)
      startHarness
      echo ""
      runTests ${TAGS} ${@}
      echo ""
      stopHarness
    ;;
  start)
      startHarness
    ;;
  test)
      runTests ${TAGS} ${@}
    ;;
  stop)
      stopHarness
    ;;
  service)
      serviceCommand ${@}
    ;;
  tags)
      grep -h @ aries-test-harness/features/*feature |  tr " " "\n" | sort -u | fmt
    ;;
  rm)
      deleteAgents
    ;;

  tests|scenarios)
      grep -h -B 1 Scenario aries-test-harness/features/*feature
    ;;

  dockerhost)
      echo ${DOCKERHOST}
    ;;
  *)
      usage
    ;;

esac

popd > /dev/null