Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Beholder CSA Authentication #15160

Merged
merged 32 commits into from
Nov 8, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
32 commits
Select commit Hold shift + click to select a range
53d708d
Bump chainlink-common to PR latest
4of9 Oct 30, 2024
49da3e6
Wire up Beholder auth in loop
4of9 Oct 30, 2024
104c001
Move keystore auth into NewApplication
4of9 Nov 1, 2024
0b16fde
Wire up CSA Auth for Beholder
pkcll Nov 7, 2024
da524ff
Use simplified auth header approach
4of9 Nov 6, 2024
d4991bf
Add auth header after logging config
4of9 Nov 6, 2024
113f7b7
Remove empty line for linter
cll-gg Nov 7, 2024
005174c
Put back mistakenly removed imports
cll-gg Nov 7, 2024
27adc24
Update to latest chainlink-common@INFOPLAT-1071-beholder-csa-signer-a…
pkcll Nov 7, 2024
05181e7
Rename return vars
pkcll Nov 7, 2024
e1718d6
Merge remote-tracking branch 'upstream/develop' into aptos-init__csa-…
pkcll Nov 7, 2024
a8dafc0
Bump chainlink-common from latest INFOPLAT-1071-beholder-csa-signer-a…
pkcll Nov 7, 2024
f542df9
Bump chainlink-common to latest INFOPLAT-1071-beholder-csa-signer-auth_2
pkcll Nov 7, 2024
179a341
Bump chainlink-common to latest INFOPLAT-1071-beholder-csa-signer-auth_2
pkcll Nov 7, 2024
1d7bc20
go mod tidy for ./integration-tests
pkcll Nov 7, 2024
8312bcb
make gomodtidy
pkcll Nov 7, 2024
c082f37
Add changeset file
4of9 Nov 7, 2024
cb348aa
Potential test fix
cll-gg Nov 8, 2024
f55cc8e
Clean up the test: remove a few unused mocks
cll-gg Nov 8, 2024
cb34bb3
Revert "Clean up the test: remove a few unused mocks"
patrickhuie19 Nov 8, 2024
266a780
Revert "Potential test fix"
patrickhuie19 Nov 8, 2024
d8cfb79
Adding InstanceAppFactoryWithKeystoreMock for shell_local tests (#15167)
patrickhuie19 Nov 8, 2024
714656a
Revert "remove go.mod replace with real version (#15142)"
krehermann Nov 7, 2024
b73b75f
Run go mod tidy
4of9 Nov 8, 2024
230541f
Add Beholder auth to deployment LoopRegistry
4of9 Nov 8, 2024
9316cf8
Merge remote-tracking branch 'origin/develop' into aptos-init__csa-ke…
4of9 Nov 8, 2024
b8271c7
Update chainlink-common to PR latest
4of9 Nov 8, 2024
c445482
Run go mod tidy
4of9 Nov 8, 2024
459f069
Prep keystore for beholder auth
4of9 Nov 8, 2024
eb676eb
Bump chainlink-common to latest
4of9 Nov 8, 2024
831a2b8
Run go mod tidy
4of9 Nov 8, 2024
a37d5f1
Merge branch 'develop' into aptos-init__csa-key-auth
patrickhuie19 Nov 8, 2024
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
5 changes: 5 additions & 0 deletions .changeset/swift-fireants-compare.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
---
"chainlink": minor
---

Add CSA authentication support to Beholder #added
4 changes: 2 additions & 2 deletions core/cmd/key_store_authenticator.go
Original file line number Diff line number Diff line change
Expand Up @@ -17,11 +17,11 @@ type TerminalKeyStoreAuthenticator struct {
Prompter Prompter
}

type keystorePassword interface {
type KeystorePassword interface {
Keystore() string
}

func (auth TerminalKeyStoreAuthenticator) authenticate(ctx context.Context, keyStore keystore.Master, password keystorePassword) error {
func (auth TerminalKeyStoreAuthenticator) Authenticate(ctx context.Context, keyStore keystore.Master, password KeystorePassword) error {
isEmpty, err := keyStore.IsEmpty(ctx)
if err != nil {
return errors.Wrap(err, "error determining if keystore is empty")
Expand Down
37 changes: 27 additions & 10 deletions core/cmd/shell.go
Original file line number Diff line number Diff line change
Expand Up @@ -66,7 +66,7 @@ var (
grpcOpts loop.GRPCOpts
)

func initGlobals(cfgProm config.Prometheus, cfgTracing config.Tracing, cfgTelemetry config.Telemetry, lggr logger.Logger) error {
func initGlobals(cfgProm config.Prometheus, cfgTracing config.Tracing, cfgTelemetry config.Telemetry, lggr logger.Logger, csaPubKeyHex string, beholderAuthHeaders map[string]string) error {
// Avoid double initializations, but does not prevent relay methods from being called multiple times.
var err error
initGlobalsOnce.Do(func() {
Expand Down Expand Up @@ -104,6 +104,8 @@ func initGlobals(cfgProm config.Prometheus, cfgTracing config.Tracing, cfgTeleme
OtelExporterGRPCEndpoint: cfgTelemetry.OtelExporterGRPCEndpoint(),
ResourceAttributes: attributes,
TraceSampleRatio: cfgTelemetry.TraceSampleRatio(),
AuthPublicKeyHex: csaPubKeyHex,
AuthHeaders: beholderAuthHeaders,
}
if tracingCfg.Enabled {
clientCfg.TraceSpanExporter, err = tracingCfg.NewSpanExporter()
Expand Down Expand Up @@ -174,19 +176,14 @@ func (s *Shell) configExitErr(validateFn func() error) cli.ExitCoder {

// AppFactory implements the NewApplication method.
type AppFactory interface {
NewApplication(ctx context.Context, cfg chainlink.GeneralConfig, appLggr logger.Logger, db *sqlx.DB) (chainlink.Application, error)
NewApplication(ctx context.Context, cfg chainlink.GeneralConfig, appLggr logger.Logger, db *sqlx.DB, keyStoreAuthenticator TerminalKeyStoreAuthenticator) (chainlink.Application, error)
}

// ChainlinkAppFactory is used to create a new Application.
type ChainlinkAppFactory struct{}

// NewApplication returns a new instance of the node with the given config.
func (n ChainlinkAppFactory) NewApplication(ctx context.Context, cfg chainlink.GeneralConfig, appLggr logger.Logger, db *sqlx.DB) (app chainlink.Application, err error) {
err = initGlobals(cfg.Prometheus(), cfg.Tracing(), cfg.Telemetry(), appLggr)
if err != nil {
appLggr.Errorf("Failed to initialize globals: %v", err)
}

func (n ChainlinkAppFactory) NewApplication(ctx context.Context, cfg chainlink.GeneralConfig, appLggr logger.Logger, db *sqlx.DB, keyStoreAuthenticator TerminalKeyStoreAuthenticator) (app chainlink.Application, err error) {
err = migrate.SetMigrationENVVars(cfg)
if err != nil {
return nil, err
Expand All @@ -198,11 +195,31 @@ func (n ChainlinkAppFactory) NewApplication(ctx context.Context, cfg chainlink.G
}

ds := sqlutil.WrapDataSource(db, appLggr, sqlutil.TimeoutHook(cfg.Database().DefaultQueryTimeout), sqlutil.MonitorHook(cfg.Database().LogSQL))

keyStore := keystore.New(ds, utils.GetScryptParams(cfg), appLggr)

err = keyStoreAuthenticator.Authenticate(ctx, keyStore, cfg.Password())
if err != nil {
return nil, errors.Wrap(err, "error authenticating keystore")
}

err = keyStore.CSA().EnsureKey(ctx)
if err != nil {
return nil, errors.Wrap(err, "failed to ensure CSA key")
}

beholderAuthHeaders, csaPubKeyHex, err := keystore.BuildBeholderAuth(keyStore)
if err != nil {
return nil, errors.Wrap(err, "failed to build Beholder auth")
}

err = initGlobals(cfg.Prometheus(), cfg.Tracing(), cfg.Telemetry(), appLggr, csaPubKeyHex, beholderAuthHeaders)
if err != nil {
appLggr.Errorf("Failed to initialize globals: %v", err)
}

mailMon := mailbox.NewMonitor(cfg.AppID().String(), appLggr.Named("Mailbox"))

loopRegistry := plugins.NewLoopRegistry(appLggr, cfg.Tracing(), cfg.Telemetry())
loopRegistry := plugins.NewLoopRegistry(appLggr, cfg.Tracing(), cfg.Telemetry(), beholderAuthHeaders, csaPubKeyHex)

mercuryPool := wsrpc.NewPool(appLggr, cache.Config{
LatestReportTTL: cfg.Mercury().Cache().LatestReportTTL(),
Expand Down
11 changes: 3 additions & 8 deletions core/cmd/shell_local.go
Original file line number Diff line number Diff line change
Expand Up @@ -382,18 +382,13 @@ func (s *Shell) runNode(c *cli.Context) error {
// From now on, DB locks and DB connection will be released on every return.
// Keep watching on logger.Fatal* calls and os.Exit(), because defer will not be executed.

app, err := s.AppFactory.NewApplication(rootCtx, s.Config, s.Logger, ldb.DB())
app, err := s.AppFactory.NewApplication(rootCtx, s.Config, s.Logger, ldb.DB(), s.KeyStoreAuthenticator)
if err != nil {
return s.errorOut(errors.Wrap(err, "fatal error instantiating application"))
}

// Local shell initialization always uses local auth users table for admin auth
authProviderORM := app.BasicAdminUsersORM()
keyStore := app.GetKeyStore()
err = s.KeyStoreAuthenticator.authenticate(rootCtx, keyStore, s.Config.Password())
if err != nil {
return errors.Wrap(err, "error authenticating keystore")
}

legacyEVMChains := app.GetRelayers().LegacyEVMChains()

Expand Down Expand Up @@ -634,7 +629,7 @@ func (s *Shell) RebroadcastTransactions(c *cli.Context) (err error) {
}
defer lggr.ErrorIfFn(db.Close, "Error closing db")

app, err := s.AppFactory.NewApplication(ctx, s.Config, lggr, db)
app, err := s.AppFactory.NewApplication(ctx, s.Config, lggr, db, s.KeyStoreAuthenticator)
if err != nil {
return s.errorOut(errors.Wrap(err, "fatal error instantiating application"))
}
Expand Down Expand Up @@ -1281,7 +1276,7 @@ func (s *Shell) RemoveBlocks(c *cli.Context) error {
// From now on, DB locks and DB connection will be released on every return.
// Keep watching on logger.Fatal* calls and os.Exit(), because defer will not be executed.

app, err := s.AppFactory.NewApplication(ctx, s.Config, s.Logger, ldb.DB())
app, err := s.AppFactory.NewApplication(ctx, s.Config, s.Logger, ldb.DB(), s.KeyStoreAuthenticator)
if err != nil {
return s.errorOut(errors.Wrap(err, "fatal error instantiating application"))
}
Expand Down
4 changes: 2 additions & 2 deletions core/cmd/shell_local_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -46,7 +46,7 @@ import (
func genTestEVMRelayers(t *testing.T, opts legacyevm.ChainRelayOpts, ks evmrelayer.CSAETHKeystore) *chainlink.CoreRelayerChainInteroperators {
f := chainlink.RelayerFactory{
Logger: opts.Logger,
LoopRegistry: plugins.NewLoopRegistry(opts.Logger, opts.AppConfig.Tracing(), opts.AppConfig.Telemetry()),
LoopRegistry: plugins.NewLoopRegistry(opts.Logger, opts.AppConfig.Tracing(), opts.AppConfig.Telemetry(), nil, ""),
CapabilitiesRegistry: capabilities.NewRegistry(opts.Logger),
}

Expand Down Expand Up @@ -122,7 +122,7 @@ func TestShell_RunNodeWithPasswords(t *testing.T) {
Config: cfg,
FallbackAPIInitializer: apiPrompt,
Runner: cltest.EmptyRunner{},
AppFactory: cltest.InstanceAppFactory{App: app},
AppFactory: cltest.InstanceAppFactoryWithKeystoreMock{App: app},
Logger: lggr,
}

Expand Down
4 changes: 2 additions & 2 deletions core/cmd/shell_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -351,7 +351,7 @@ func TestNewUserCache(t *testing.T) {

func TestSetupSolanaRelayer(t *testing.T) {
lggr := logger.TestLogger(t)
reg := plugins.NewLoopRegistry(lggr, nil, nil)
reg := plugins.NewLoopRegistry(lggr, nil, nil, nil, "")
ks := mocks.NewSolana(t)

// config 3 chains but only enable 2 => should only be 2 relayer
Expand Down Expand Up @@ -466,7 +466,7 @@ func TestSetupSolanaRelayer(t *testing.T) {

func TestSetupStarkNetRelayer(t *testing.T) {
lggr := logger.TestLogger(t)
reg := plugins.NewLoopRegistry(lggr, nil, nil)
reg := plugins.NewLoopRegistry(lggr, nil, nil, nil, "")
ks := mocks.NewStarkNet(t)
// config 3 chains but only enable 2 => should only be 2 relayer
nEnabledChains := 2
Expand Down
4 changes: 2 additions & 2 deletions core/internal/cltest/cltest.go
Original file line number Diff line number Diff line change
Expand Up @@ -394,7 +394,7 @@ func NewApplicationWithConfig(t testing.TB, cfg chainlink.GeneralConfig, flagsAn
keyStore := keystore.NewInMemory(ds, utils.FastScryptParams, lggr)

mailMon := mailbox.NewMonitor(cfg.AppID().String(), lggr.Named("Mailbox"))
loopRegistry := plugins.NewLoopRegistry(lggr, nil, nil)
loopRegistry := plugins.NewLoopRegistry(lggr, nil, nil, nil, "")

mercuryPool := wsrpc.NewPool(lggr, cache.Config{
LatestReportTTL: cfg.Mercury().Cache().LatestReportTTL(),
Expand Down Expand Up @@ -487,7 +487,7 @@ func NewApplicationWithConfig(t testing.TB, cfg chainlink.GeneralConfig, flagsAn
RestrictedHTTPClient: c,
UnrestrictedHTTPClient: c,
SecretGenerator: MockSecretGenerator{},
LoopRegistry: plugins.NewLoopRegistry(lggr, nil, nil),
LoopRegistry: plugins.NewLoopRegistry(lggr, nil, nil, nil, ""),
MercuryPool: mercuryPool,
CapabilitiesRegistry: capabilitiesRegistry,
CapabilitiesDispatcher: dispatcher,
Expand Down
22 changes: 18 additions & 4 deletions core/internal/cltest/mocks.go
Original file line number Diff line number Diff line change
Expand Up @@ -10,11 +10,11 @@ import (
"testing"
"time"

"github.com/jmoiron/sqlx"

"github.com/smartcontractkit/chainlink/v2/core/chains/evm/txmgr"
"github.com/smartcontractkit/chainlink/v2/core/internal/testutils"

"github.com/jmoiron/sqlx"

evmclient "github.com/smartcontractkit/chainlink/v2/core/chains/evm/client"
evmtypes "github.com/smartcontractkit/chainlink/v2/core/chains/evm/types"
"github.com/smartcontractkit/chainlink/v2/core/chains/legacyevm"
Expand Down Expand Up @@ -82,21 +82,35 @@ func (rm *RendererMock) Render(v interface{}, headers ...string) error {
return nil
}

type InstanceAppFactoryWithKeystoreMock struct {
App chainlink.Application
}

// NewApplication creates a new application with specified config and calls the authenticate function of the keystore
func (f InstanceAppFactoryWithKeystoreMock) NewApplication(ctx context.Context, cfg chainlink.GeneralConfig, lggr logger.Logger, db *sqlx.DB, ks cmd.TerminalKeyStoreAuthenticator) (chainlink.Application, error) {
keyStore := f.App.GetKeyStore()
err := ks.Authenticate(ctx, keyStore, cfg.Password())
if err != nil {
return nil, fmt.Errorf("error authenticating keystore: %w", err)
}
return f.App, nil
}

// InstanceAppFactory is an InstanceAppFactory
type InstanceAppFactory struct {
App chainlink.Application
}

// NewApplication creates a new application with specified config
func (f InstanceAppFactory) NewApplication(context.Context, chainlink.GeneralConfig, logger.Logger, *sqlx.DB) (chainlink.Application, error) {
func (f InstanceAppFactory) NewApplication(context.Context, chainlink.GeneralConfig, logger.Logger, *sqlx.DB, cmd.TerminalKeyStoreAuthenticator) (chainlink.Application, error) {
return f.App, nil
}

type seededAppFactory struct {
Application chainlink.Application
}

func (s seededAppFactory) NewApplication(context.Context, chainlink.GeneralConfig, logger.Logger, *sqlx.DB) (chainlink.Application, error) {
func (s seededAppFactory) NewApplication(context.Context, chainlink.GeneralConfig, logger.Logger, *sqlx.DB, cmd.TerminalKeyStoreAuthenticator) (chainlink.Application, error) {
return noopStopApplication{s.Application}, nil
}

Expand Down
2 changes: 1 addition & 1 deletion core/scripts/go.mod
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,7 @@ require (
github.com/prometheus/client_golang v1.20.5
github.com/shopspring/decimal v1.4.0
github.com/smartcontractkit/chainlink-automation v0.8.1
github.com/smartcontractkit/chainlink-common v0.3.1-0.20241108143808-44ef01dbdeff
github.com/smartcontractkit/chainlink-common v0.3.1-0.20241108204352-914b88b62cf2
github.com/smartcontractkit/chainlink/deployment v0.0.0-00010101000000-000000000000
github.com/smartcontractkit/chainlink/v2 v2.0.0-00010101000000-000000000000
github.com/smartcontractkit/libocr v0.0.0-20241007185508-adbe57025f12
Expand Down
4 changes: 2 additions & 2 deletions core/scripts/go.sum
Original file line number Diff line number Diff line change
Expand Up @@ -1092,8 +1092,8 @@ github.com/smartcontractkit/chainlink-automation v0.8.1 h1:sTc9LKpBvcKPc1JDYAmgB
github.com/smartcontractkit/chainlink-automation v0.8.1/go.mod h1:Iij36PvWZ6blrdC5A/nrQUBuf3MH3JvsBB9sSyc9W08=
github.com/smartcontractkit/chainlink-ccip v0.0.0-20241106140121-4c9ee21ab422 h1:VfH/AW5NtTmroY9zz6OYCPFbFTqpMyJ2ubgT9ahYf3U=
github.com/smartcontractkit/chainlink-ccip v0.0.0-20241106140121-4c9ee21ab422/go.mod h1:4adKaHNaxFsRvV/lYfqtbsWyyvIPUMLR0FdOJN/ljis=
github.com/smartcontractkit/chainlink-common v0.3.1-0.20241108143808-44ef01dbdeff h1:Dduou3xzY4bVJPE9yIFW+Zfqrw7QG7ePPfauO+KY508=
github.com/smartcontractkit/chainlink-common v0.3.1-0.20241108143808-44ef01dbdeff/go.mod h1:ny87uTW6hLjCTLiBqBRNFEhETSXhHWevYlPclT5lSco=
github.com/smartcontractkit/chainlink-common v0.3.1-0.20241108204352-914b88b62cf2 h1:sm8dL6NSFHmu2Bl17KhhfIwLQYWauxAFpBZ/w8WHuAA=
github.com/smartcontractkit/chainlink-common v0.3.1-0.20241108204352-914b88b62cf2/go.mod h1:ny87uTW6hLjCTLiBqBRNFEhETSXhHWevYlPclT5lSco=
github.com/smartcontractkit/chainlink-cosmos v0.5.2-0.20241017133723-5277829bd53f h1:BwrIaQIx5Iy6eT+DfLhFfK2XqjxRm74mVdlX8gbu4dw=
github.com/smartcontractkit/chainlink-cosmos v0.5.2-0.20241017133723-5277829bd53f/go.mod h1:wHtwSR3F1CQSJJZDQKuqaqFYnvkT+kMyget7dl8Clvo=
github.com/smartcontractkit/chainlink-data-streams v0.1.1-0.20241018134907-a00ba3729b5e h1:JiETqdNM0bktAUGMc62COwXIaw3rR3M77Me6bBLG0Fg=
Expand Down
6 changes: 5 additions & 1 deletion core/services/chainlink/application.go
Original file line number Diff line number Diff line change
Expand Up @@ -294,7 +294,11 @@ func NewApplication(opts ApplicationOpts) (Application, error) {
// we need to initialize in case we serve OCR2 LOOPs
loopRegistry := opts.LoopRegistry
if loopRegistry == nil {
loopRegistry = plugins.NewLoopRegistry(globalLogger, opts.Config.Tracing(), opts.Config.Telemetry())
beholderAuthHeaders, csaPubKeyHex, err := keystore.BuildBeholderAuth(keyStore)
if err != nil {
return nil, fmt.Errorf("could not build Beholder auth: %w", err)
}
loopRegistry = plugins.NewLoopRegistry(globalLogger, opts.Config.Tracing(), opts.Config.Telemetry(), beholderAuthHeaders, csaPubKeyHex)
}

// If the audit logger is enabled
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -176,7 +176,7 @@ func TestCoreRelayerChainInteroperators(t *testing.T) {

factory := chainlink.RelayerFactory{
Logger: lggr,
LoopRegistry: plugins.NewLoopRegistry(lggr, nil, nil),
LoopRegistry: plugins.NewLoopRegistry(lggr, nil, nil, nil, ""),
GRPCOpts: loop.GRPCOpts{},
CapabilitiesRegistry: capabilities.NewRegistry(lggr),
}
Expand Down
19 changes: 19 additions & 0 deletions core/services/keystore/beholder.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,19 @@
package keystore

import (
"encoding/hex"

"github.com/smartcontractkit/chainlink-common/pkg/beholder"
)

func BuildBeholderAuth(keyStore Master) (authHeaders map[string]string, pubKeyHex string, err error) {
csaKeys, err := keyStore.CSA().GetAll()
if err != nil {
return nil, "", err
}
csaKey := csaKeys[0]
csaPrivKey := csaKey.Raw().Bytes()
authHeaders = beholder.BuildAuthHeaders(csaPrivKey)
pubKeyHex = hex.EncodeToString(csaKey.PublicKey)
return
}
Original file line number Diff line number Diff line change
Expand Up @@ -460,7 +460,10 @@ func setupNodeCCIP(
},
CSAETHKeystore: simEthKeyStore,
}
loopRegistry := plugins.NewLoopRegistry(lggr.Named("LoopRegistry"), config.Tracing(), config.Telemetry())
beholderAuthHeaders, csaPubKeyHex, err := keystore.BuildBeholderAuth(keyStore)
require.NoError(t, err)

loopRegistry := plugins.NewLoopRegistry(lggr.Named("LoopRegistry"), config.Tracing(), config.Telemetry(), beholderAuthHeaders, csaPubKeyHex)
relayerFactory := chainlink.RelayerFactory{
Logger: lggr,
LoopRegistry: loopRegistry,
Expand Down Expand Up @@ -490,7 +493,7 @@ func setupNodeCCIP(
RestrictedHTTPClient: &http.Client{},
AuditLogger: audit.NoopLogger,
MailMon: mailMon,
LoopRegistry: plugins.NewLoopRegistry(lggr, config.Tracing(), config.Telemetry()),
LoopRegistry: plugins.NewLoopRegistry(lggr, config.Tracing(), config.Telemetry(), beholderAuthHeaders, csaPubKeyHex),
})
require.NoError(t, err)
require.NoError(t, app.GetKeyStore().Unlock(ctx, "password"))
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -455,7 +455,11 @@ func setupNodeCCIP(
},
CSAETHKeystore: simEthKeyStore,
}
loopRegistry := plugins.NewLoopRegistry(lggr.Named("LoopRegistry"), config.Tracing(), config.Telemetry())

beholderAuthHeaders, csaPubKeyHex, err := keystore.BuildBeholderAuth(keyStore)
require.NoError(t, err)

loopRegistry := plugins.NewLoopRegistry(lggr.Named("LoopRegistry"), config.Tracing(), config.Telemetry(), beholderAuthHeaders, csaPubKeyHex)
relayerFactory := chainlink.RelayerFactory{
Logger: lggr,
LoopRegistry: loopRegistry,
Expand Down Expand Up @@ -485,7 +489,7 @@ func setupNodeCCIP(
RestrictedHTTPClient: &http.Client{},
AuditLogger: audit.NoopLogger,
MailMon: mailMon,
LoopRegistry: plugins.NewLoopRegistry(lggr, config.Tracing(), config.Telemetry()),
LoopRegistry: plugins.NewLoopRegistry(lggr, config.Tracing(), config.Telemetry(), beholderAuthHeaders, csaPubKeyHex),
})
ctx := testutils.Context(t)
require.NoError(t, err)
Expand Down
4 changes: 2 additions & 2 deletions core/web/loop_registry_internal_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -38,7 +38,7 @@ func TestLoopRegistryServer_CantWriteToResponse(t *testing.T) {
l, o := logger.TestLoggerObserved(t, zap.ErrorLevel)
s := &LoopRegistryServer{
exposedPromPort: 1,
registry: plugins.NewLoopRegistry(l, nil, nil),
registry: plugins.NewLoopRegistry(l, nil, nil, nil, ""),
logger: l.(logger.SugaredLogger),
jsonMarshalFn: json.Marshal,
}
Expand All @@ -53,7 +53,7 @@ func TestLoopRegistryServer_CantMarshal(t *testing.T) {
l, o := logger.TestLoggerObserved(t, zap.ErrorLevel)
s := &LoopRegistryServer{
exposedPromPort: 1,
registry: plugins.NewLoopRegistry(l, nil, nil),
registry: plugins.NewLoopRegistry(l, nil, nil, nil, ""),
logger: l.(logger.SugaredLogger),
jsonMarshalFn: func(any) ([]byte, error) {
return []byte(""), errors.New("can't unmarshal")
Expand Down
12 changes: 9 additions & 3 deletions deployment/environment/memory/node.go
Original file line number Diff line number Diff line change
Expand Up @@ -145,10 +145,17 @@ func NewNode(
CSAETHKeystore: kStore,
}

// Build Beholder auth
ctx := tests.Context(t)
require.NoError(t, master.Unlock(ctx, "password"))
require.NoError(t, master.CSA().EnsureKey(ctx))
beholderAuthHeaders, csaPubKeyHex, err := keystore.BuildBeholderAuth(master)
require.NoError(t, err)

// Build relayer factory with EVM.
relayerFactory := chainlink.RelayerFactory{
Logger: lggr,
LoopRegistry: plugins.NewLoopRegistry(lggr.Named("LoopRegistry"), cfg.Tracing(), cfg.Telemetry()),
LoopRegistry: plugins.NewLoopRegistry(lggr.Named("LoopRegistry"), cfg.Tracing(), cfg.Telemetry(), beholderAuthHeaders, csaPubKeyHex),
GRPCOpts: loop.GRPCOpts{},
CapabilitiesRegistry: capabilities.NewRegistry(lggr),
}
Expand All @@ -168,7 +175,7 @@ func NewNode(
RestrictedHTTPClient: &http.Client{},
AuditLogger: audit.NoopLogger,
MailMon: mailMon,
LoopRegistry: plugins.NewLoopRegistry(lggr, cfg.Tracing(), cfg.Telemetry()),
LoopRegistry: plugins.NewLoopRegistry(lggr, cfg.Tracing(), cfg.Telemetry(), beholderAuthHeaders, csaPubKeyHex),
})
require.NoError(t, err)
t.Cleanup(func() {
Expand All @@ -193,7 +200,6 @@ type Keys struct {
func CreateKeys(t *testing.T,
app chainlink.Application, chains map[uint64]EVMChain) Keys {
ctx := tests.Context(t)
require.NoError(t, app.GetKeyStore().Unlock(ctx, "password"))
_, err := app.GetKeyStore().P2P().Create(ctx)
require.NoError(t, err)

Expand Down
Loading
Loading